fix possible problems with http proxy

1 files changed, 19 insertions, 22 deletions

diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java
index 90ecb0942..9fbe04b98 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java
+++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/controller/EIDAuthMetadataController.java
@@ -23,6 +23,7 @@
 package at.gv.egovernment.moa.id.auth.modules.eidproxyauth.controller;
 
 import java.io.IOException;
+import java.net.URL;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
@@ -76,28 +77,24 @@ public class EIDAuthMetadataController extends AbstractController {
 	public void getSPMetadata(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {
 		//check PublicURL prefix
 		try {
-			String authURL = HTTPUtils.extractAuthURLFromRequest(req);		
-			if (!authConfig.getPublicURLPrefix().contains(authURL)) {		
-				resp.sendError(HttpServletResponse.SC_FORBIDDEN, "No valid request URL");
-				return;
-				
-			} else {
-				//initialize metadata builder configuration
-				EIDAuthMetadataConfiguration metadataConfig = 
-						new EIDAuthMetadataConfiguration(authURL, credentialProvider, pvpConfiguration);
-				metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes());	
-				
-				//build metadata
-				String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig);
-				
-				//write response
-				byte[] content = xmlMetadata.getBytes("UTF-8");
-				resp.setStatus(HttpServletResponse.SC_OK);
-				resp.setContentLength(content.length);
-				resp.setContentType(MediaType.XML_UTF_8.toString());
-				resp.getOutputStream().write(content);
-
-			}
+      String authUrlString = HTTPUtils.extractAuthURLFromRequest(req);          
+      String authURL = authConfig.validateIDPURL(new URL(authUrlString));
+      Logger.trace("Build E-ID Metadata for requestUrl: " + authURL);
+      
+			//initialize metadata builder configuration
+			EIDAuthMetadataConfiguration metadataConfig = 
+					new EIDAuthMetadataConfiguration(authURL, credentialProvider, pvpConfiguration);
+			metadataConfig.setAdditionalRequiredAttributes(getAdditonalRequiredAttributes());	
+			
+			//build metadata
+			String xmlMetadata = metadatabuilder.buildPVPMetadata(metadataConfig);
+			
+			//write response
+			byte[] content = xmlMetadata.getBytes("UTF-8");
+			resp.setStatus(HttpServletResponse.SC_OK);
+			resp.setContentLength(content.length);
+			resp.setContentType(MediaType.XML_UTF_8.toString());
+			resp.getOutputStream().write(content);
 			
 		} catch (Exception e) {
 			Logger.warn("Build E-ID Proxy PVP metadata FAILED.", e);