diff options
Diffstat (limited to 'id/server/modules/moa-id-module-openID')
3 files changed, 23 insertions, 6 deletions
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java index f0cf45293..b2522ea33 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java @@ -142,11 +142,14 @@ class OAuth20AuthAction implements IAction { // build id token and scope Pair<String, String> pair = buildIdToken(auth20SessionObject.getScope(), oAuthRequest, authData); - Logger.debug("RESPONSE ID_TOKEN: " + pair.getFirst()); + params.put(OAuth20Constants.RESPONSE_ID_TOKEN, pair.getFirst()); - Logger.debug("RESPONSE SCOPE: " + pair.getSecond()); params.put(OAuth20Constants.PARAM_SCOPE, pair.getSecond()); + Logger.debug("OpenID-Connect ID_TOKEN completed"); + Logger.trace("RESPONSE ID_TOKEN: " + pair.getFirst()); + Logger.trace("RESPONSE SCOPE: " + pair.getSecond()); + return params; } diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java index 75ea41449..d72fe9686 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java @@ -20,6 +20,7 @@ import com.google.gson.JsonObject; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException; +import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.moduls.RequestImpl; @@ -210,10 +211,13 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController { URLEncoder.encode(errorUri + "#" + moaError, "UTF-8")); + String redirectURL = protocolRequest.getAuthURL() + RedirectServlet.SERVICE_ENDPOINT; + redirectURL = addURLParameter(redirectURL, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(url.toString(), "UTF-8")); + response.setContentType("text/html"); response.setStatus(HttpServletResponse.SC_FOUND); - response.addHeader("Location", url.toString()); - Logger.debug("REDIRECT TO: " + url.toString()); + response.addHeader("Location", redirectURL); + Logger.debug("REDIRECT TO: " + redirectURL); return true; } else { @@ -255,4 +259,13 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController { return true; } + protected static String addURLParameter(String url, String paramname, + String paramvalue) { + String param = paramname + "=" + paramvalue; + if (url.indexOf("?") < 0) + return url + "?" + param; + else + return url + "&" + param; + } + } diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java index 985e1d1c5..2117e2ab8 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.java @@ -77,14 +77,15 @@ class OAuth20TokenAction implements IAction { if (auth20SessionObject == null || !auth20SessionObject.getCode().equals(oAuthRequest.getCode())) { throw new OAuth20UnauthorizedClientException(); } else { - Logger.debug("Loaded of OAuth20SessionObject was successful"); + Logger.debug("Loaded of OAuth20SessionObject was successful. Build jSON response ..."); } // create response JsonObject jsonObject = new JsonObject(); OAuth20Util.addProperytiesToJsonObject(jsonObject, auth20SessionObject.getAuthDataSession()); byte[] jsonResponse = jsonObject.toString().getBytes("UTF-8"); - Logger.debug("JSON Response: " + new String(jsonResponse)); + Logger.debug("jSON response completed."); + Logger.trace("jSON response: " + new String(jsonResponse)); // write respone to http response httpResp.setContentType("application/json"); |