aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java35
1 files changed, 19 insertions, 16 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
index 7dd8645c6..ba8ace6c9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
@@ -25,34 +25,36 @@ package at.gv.egovernment.moa.id.auth.servlet;
import java.io.IOException;
import java.io.PrintWriter;
-import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder;
-
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.moduls.SSOManager;
import at.gv.egovernment.moa.id.util.FormBuildUtils;
+import at.gv.egovernment.moa.id.util.HTTPUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moa.util.URLEncoder;
-
-public class RedirectServlet extends AuthServlet{
-
- private static final long serialVersionUID = 1L;
+@Controller
+public class RedirectServlet {
public static final String REDIRCT_PARAM_URL = "redirecturl";
-
private static final String DEFAULT_REDIRECTTARGET = "_parent";
+ @Autowired SSOManager ssoManager;
- protected void doGet(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException {
+ @RequestMapping(value = "/RedirectServlet", method = RequestMethod.GET)
+ public void performLogOut(HttpServletRequest req, HttpServletResponse resp) throws IOException {
Logger.debug("Receive " + RedirectServlet.class + " Request");
String url = req.getParameter(REDIRCT_PARAM_URL);
@@ -64,8 +66,10 @@ public class RedirectServlet extends AuthServlet{
OAAuthParameter oa = null;
String redirectTarget = DEFAULT_REDIRECTTARGET;
try {
- oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(url);
- if (oa == null && !url.startsWith(AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix())) {
+ oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(url);
+ String authURL = HTTPUtils.extractAuthURLFromRequest(req);
+
+ if (oa == null && !AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix().contains(authURL)) {
resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Parameters not valid");
return;
@@ -86,12 +90,12 @@ public class RedirectServlet extends AuthServlet{
if (MiscUtil.isNotEmpty(target)) {
// redirectURL = addURLParameter(redirectURL, PARAM_TARGET,
// URLEncoder.encode(session.getTarget(), "UTF-8"));
- url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET,
+ url = HTTPUtils.addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET,
URLEncoder.encode(target, "UTF-8"));
}
- url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT,
+ url = HTTPUtils.addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT,
URLEncoder.encode(artifact, "UTF-8"));
url = resp.encodeRedirectURL(url);
@@ -106,8 +110,7 @@ public class RedirectServlet extends AuthServlet{
} else if (MiscUtil.isNotEmpty(interIDP)) {
//store IDP identifier and redirect to generate AuthRequst service
Logger.info("Receive an interfederation redirect request for IDP " + interIDP);
- SSOManager sso = SSOManager.getInstance();
- sso.setInterfederationIDPCookie(req, resp, interIDP);
+ ssoManager.setInterfederationIDPCookie(req, resp, interIDP);
Logger.debug("Redirect to " + url);
url = resp.encodeRedirectURL(url);
@@ -138,7 +141,7 @@ public class RedirectServlet extends AuthServlet{
}
+
}
-
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-25 21:33:22 +0000