3 files changed, 90 insertions, 62 deletions
| diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/json/OAuthSignatureAlgorithm.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/json/OAuthSignatureAlgorithm.java
index 5e023ff35..db15516e7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/json/OAuthSignatureAlgorithm.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/json/OAuthSignatureAlgorithm.java
@@ -47,6 +47,7 @@ public enum OAuthSignatureAlgorithm {
 	 */
 	public Signature getSignatureInstance() throws NoSuchAlgorithmException, NoSuchProviderException {
 		if (!StringUtils.isEmpty(this.providerName)) {
+			//return Signature.getInstance(this.signatureName, this.providerName);
 			return Signature.getInstance(this.signatureName, this.providerName);
 		} else {
 			return Signature.getInstance(this.signatureName);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
index db18b3a3e..47b81c5ff 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
@@ -8,6 +8,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.lang.StringUtils;
+import org.hibernate.annotations.common.util.StringHelper;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.moduls.IAction;
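Review bot: The new `import org.hibernate.annotations.common.util.StringHelper;` makes a Hibernate-internal utility a compile-time dependency of the OAuth20 protocol class purely for an `isEmpty` check, while `org.apache.commons.lang.StringUtils` is imported on the line above and is what the rest of this change uses for the same test. Using one helper consistently avoids coupling the protocol module to a persistence library's internals, which can change or disappear on a Hibernate upgrade; replace the `StringHelper.isEmpty(action)` call in `generateErrorMessage` with `StringUtils.isEmpty(action)` and drop this import.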
@@ -67,10 +68,12 @@ public class OAuth20Protocol implements IModulInfo {
 	 * , javax.servlet.http.HttpServletResponse)
 	 */
 	public IAction canHandleRequest(HttpServletRequest request, HttpServletResponse response) {
-		if (request.getParameter("action").equals(AUTH_ACTION)) {
-			return getAction(AUTH_ACTION);
-		} else if (request.getParameter("action").equals(TOKEN_ACTION)) {
-			return getAction(TOKEN_ACTION);
+		if (!StringUtils.isEmpty(request.getParameter("action"))) {
+			if (request.getParameter("action").equals(AUTH_ACTION)) {
+				return getAction(AUTH_ACTION);
+			} else if (request.getParameter("action").equals(TOKEN_ACTION)) {
+				return getAction(TOKEN_ACTION);
+			}
 		}
 		return null;// getAction(AUTH_ACTION);
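Review bot: `request.getParameter("action")` is now read three times in canHandleRequest and the null case is handled by wrapping the comparisons in an extra `if`; reading it once and comparing constant-first removes both the repetition and the guard: `String action = request.getParameter("action");` then `if (AUTH_ACTION.equals(action)) { return getAction(AUTH_ACTION); } else if (TOKEN_ACTION.equals(action)) { return getAction(TOKEN_ACTION); }`. The trailing `// getAction(AUTH_ACTION)` on the `return null;` line is leftover commented-out code and is worth deleting. The method's closing brace lies outside the hunk.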
@@ -85,71 +88,95 @@ public class OAuth20Protocol implements IModulInfo {
 	public boolean generateErrorMessage(Throwable e, HttpServletRequest request, HttpServletResponse response, IRequest protocolRequest)
 			throws Throwable {
-		StringBuilder url = new StringBuilder();
-		
-		String paramRedirect = request.getParameter(OAuth20Constants.PARAM_REDIRECT_URI);
+		// get error code and description
+		String errorCode;
+		String errorDescription;
+		// String errorUri = "http://tools.ietf.org/html/draft-ietf-oauth-v2-11";
 		if (e instanceof OAuth20Exception) {
-			
-			String action = request.getParameter("action");
-			
-			Logger.debug("Going to throw O OAuth20Exception for action: " + action);
-			OAuth20Exception oAuth20Exception = ((OAuth20Exception) e);
-			
-			String errorCode = oAuth20Exception.getErrorCode();
-			String errorDescription = oAuth20Exception.getMessage();
-			// String errorUri = "http://tools.ietf.org/html/draft-ietf-oauth-v2-11";
-			
-			if (action.equals(AUTH_ACTION)) {
+			errorCode = ((OAuth20Exception) e).getErrorCode();
+			errorDescription = URLEncoder.encode(((OAuth20Exception) e).getMessageId() + ": " + e.getMessage(), "UTF-8");
+		} else {
+			errorCode = OAuth20Constants.ERROR_SERVER_ERROR;
+			errorDescription = URLEncoder.encode(e.getMessage(), "UTF-8");
+		}
+		
+		String paramRedirect = null;
+		String state = null;
+		boolean isAuthRequest = false;
+		if (protocolRequest != null) {
+			if (protocolRequest instanceof OAuth20AuthRequest) {
+				isAuthRequest = true;
-				// check if given redirect url is ok
-				if (StringUtils.isNotEmpty(paramRedirect) && OAuth20Util.isUrl(paramRedirect)) {
-					url.append(paramRedirect);
+				paramRedirect = ((OAuth20AuthRequest) protocolRequest).getRedirectUri();
+				state = ((OAuth20AuthRequest) protocolRequest).getState();
+			} else {
+				isAuthRequest = false;
+			}
+		} else {
+			String action = request.getParameter("action");
+			if (!StringHelper.isEmpty(action)) {
+				if (action.equals(AUTH_ACTION)) {
-					// otherwise throw an
-				} else {
-					throw new MOAIDException("oauth20.01", new Object[] {});
+					paramRedirect = request.getParameter(OAuth20Constants.PARAM_REDIRECT_URI);
+					state = request.getParameter(OAuth20Constants.PARAM_STATE);
+					isAuthRequest = true;
 				}
+			} else {
+				throw new MOAIDException("oauth20.01", new Object[] {});
+			}
+		}
+		
+		// if (action.equals(AUTH_ACTION)) {
+		if (isAuthRequest) {
+			Logger.debug("Going to throw O OAuth20Exception for auth request");
+			
+			StringBuilder url = new StringBuilder();
+			
+			// check if given redirect url is ok
+			if (StringUtils.isNotEmpty(paramRedirect) && OAuth20Util.isUrl(paramRedirect)) {
+				url.append(paramRedirect);
-				String state = request.getParameter(OAuth20Constants.PARAM_STATE);
-				
-				OAuth20Util.addParameterToURL(url, OAuth20Constants.PARAM_ERROR, errorCode);
-				OAuth20Util.addParameterToURL(url, OAuth20Constants.PARAM_ERROR_DESCRIPTION,
-						URLEncoder.encode(oAuth20Exception.getMessageId() + ": " + errorDescription, "UTF-8"));
-				// OAuth20Util.addParameterToURL(url, OAuth20Constants.PARAM_ERROR_URI, errorUri);
-				OAuth20Util.addParameterToURL(url, OAuth20Constants.PARAM_STATE, state);
-				
-				response.setContentType("text/html");
-				response.setStatus(HttpServletResponse.SC_FOUND);
-				response.addHeader("Location", url.toString());
-				Logger.debug("REDIRECT TO: " + url.toString());
-				return true;
-				
-			} else if (action.equals(TOKEN_ACTION)) {
-				Map<String, Object> params = new HashMap<String, Object>();
-				params.put(OAuth20Constants.PARAM_ERROR, errorCode);
-				params.put(OAuth20Constants.PARAM_ERROR_DESCRIPTION,
-						URLEncoder.encode(oAuth20Exception.getMessageId() + ": " + errorDescription, "UTF-8"));
-				// params.put(OAuth20Constants.PARAM_ERROR_URI, errorUri);
-				
-				// create response
-				JsonObject jsonObject = new JsonObject();
-				OAuth20Util.addProperytiesToJsonObject(jsonObject, params);
-				String jsonResponse = jsonObject.toString();
-				Logger.debug("JSON Response: " + jsonResponse);
-				
-				// write respone to http response
-				response.setContentType("application/json");
-				response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
-				response.getOutputStream().print(jsonResponse);
-				response.getOutputStream().close();
-				
-				return true;
+				// otherwise throw an
+			} else {
+				throw new MOAIDException("oauth20.01", new Object[] {});
 			}
+			OAuth20Util.addParameterToURL(url, OAuth20Constants.PARAM_ERROR, errorCode);
+			OAuth20Util.addParameterToURL(url, OAuth20Constants.PARAM_ERROR_DESCRIPTION, errorDescription);
+			// OAuth20Util.addParameterToURL(url, OAuth20Constants.PARAM_ERROR_URI, errorUri);
+			OAuth20Util.addParameterToURL(url, OAuth20Constants.PARAM_STATE, state);
+			
+			response.setContentType("text/html");
+			response.setStatus(HttpServletResponse.SC_FOUND);
+			response.addHeader("Location", url.toString());
+			Logger.debug("REDIRECT TO: " + url.toString());
+			return true;
+			
+		} else {
+			Logger.debug("Going to throw O OAuth20Exception for token request");
+			
+			Map<String, Object> params = new HashMap<String, Object>();
+			params.put(OAuth20Constants.PARAM_ERROR, errorCode);
+			params.put(OAuth20Constants.PARAM_ERROR_DESCRIPTION, errorDescription);
+			// params.put(OAuth20Constants.PARAM_ERROR_URI, errorUri);
+			
+			// create response
+			JsonObject jsonObject = new JsonObject();
+			OAuth20Util.addProperytiesToJsonObject(jsonObject, params);
+			String jsonResponse = jsonObject.toString();
+			Logger.debug("JSON Response: " + jsonResponse);
+			
+			// write respone to http response
+			response.setContentType("application/json");
+			response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+			response.getOutputStream().print(jsonResponse);
+			response.getOutputStream().close();
+			
+			return true;
 		}
-		return false;
+		// return false;
 	}
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java
index 9aede62e3..abfca4f36 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/oauth/OAuth20ErrorsTests.java
@@ -28,11 +28,11 @@ public class OAuth20ErrorsTests {
 	private static VerificationCodeReceiver receiver;
 	// base uri
-	private static String OAUTH2_BASE_URI = "http://localhost:8080/moa-id-auth/dispatcher";
+	private static String OAUTH2_BASE_URI = "https://localhost/moa-id-auth/";
 	// auth action
-	private static String OAUTH2_AUTH_URI = OAUTH2_BASE_URI + "?mod=id_oauth20&action=AUTH";
+	private static String OAUTH2_AUTH_URI = OAUTH2_BASE_URI + "oauth2/auth";
 	// token action
-	private static String OAUTH2_TOKEN_URI = OAUTH2_BASE_URI + "?mod=id_oauth20&action=TOKEN";
+	private static String OAUTH2_TOKEN_URI = OAUTH2_BASE_URI + "oauth2/token";
 	// client id
 	private static String CLIENT_ID = "http://test"; |
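Review bot: In the `protocolRequest == null` fallback of generateErrorMessage, `paramRedirect` comes straight from the `redirect_uri` request parameter and the only gate before the 302 is `StringUtils.isNotEmpty(paramRedirect) && OAuth20Util.isUrl(paramRedirect)`, so an error raised before the auth request was parsed (i.e. before any client/redirect-URI check could have run) is redirected to whatever syntactically valid URL the caller supplied — an open redirector, which RFC 6749 §4.1.2.1 forbids: when redirect_uri cannot be matched against the registered client, the server must not redirect. Unless `OAuth20Util.isUrl` also matches the URI against the client's registration (not visible here), that fallback branch should leave `isAuthRequest = false` so the error goes out as the non-redirecting JSON response, or look up and match the registered redirect URI for the given client_id before appending it. Separately, `errorDescription = URLEncoder.encode(e.getMessage(), "UTF-8");` in the non-`OAuth20Exception` branch throws NullPointerException when the throwable carries no message (typical for an NPE), turning error reporting into a second failure, and otherwise forwards internal exception text to the client; use a fixed generic description there and log `e` server-side instead, e.g. `errorDescription = URLEncoder.encode("internal server error", "UTF-8");`. Note also that `errorDescription` is percent-encoded once up front and then placed into the JSON body in the token branch, so JSON clients now get a percent-encoded string (the removed code did the same), while `state` is appended to the redirect URL unencoded — presumably `OAuth20Util.addParameterToURL` does no encoding of its own, otherwise the description is double-encoded on the redirect path too.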
