diff options
Diffstat (limited to 'id/server/modules')
2 files changed, 20 insertions, 4 deletions
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java index f0cf45293..b2522ea33 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java @@ -142,11 +142,14 @@ class OAuth20AuthAction implements IAction { // build id token and scope Pair<String, String> pair = buildIdToken(auth20SessionObject.getScope(), oAuthRequest, authData); - Logger.debug("RESPONSE ID_TOKEN: " + pair.getFirst()); + params.put(OAuth20Constants.RESPONSE_ID_TOKEN, pair.getFirst()); - Logger.debug("RESPONSE SCOPE: " + pair.getSecond()); params.put(OAuth20Constants.PARAM_SCOPE, pair.getSecond()); + Logger.debug("OpenID-Connect ID_TOKEN completed"); + Logger.trace("RESPONSE ID_TOKEN: " + pair.getFirst()); + Logger.trace("RESPONSE SCOPE: " + pair.getSecond()); + return params; } diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java index 75ea41449..d72fe9686 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java @@ -20,6 +20,7 @@ import com.google.gson.JsonObject; import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants; import at.gv.egovernment.moa.id.auth.exception.InvalidProtocolRequestException; import at.gv.egovernment.moa.id.auth.exception.ProtocolNotActiveException; +import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet; import at.gv.egovernment.moa.id.commons.api.IRequest; import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException; import at.gv.egovernment.moa.id.moduls.RequestImpl; @@ -210,10 +211,13 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController { URLEncoder.encode(errorUri + "#" + moaError, "UTF-8")); + String redirectURL = protocolRequest.getAuthURL() + RedirectServlet.SERVICE_ENDPOINT; + redirectURL = addURLParameter(redirectURL, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(url.toString(), "UTF-8")); + response.setContentType("text/html"); response.setStatus(HttpServletResponse.SC_FOUND); - response.addHeader("Location", url.toString()); - Logger.debug("REDIRECT TO: " + url.toString()); + response.addHeader("Location", redirectURL); + Logger.debug("REDIRECT TO: " + redirectURL); return true; } else { @@ -255,4 +259,13 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController { return true; } + protected static String addURLParameter(String url, String paramname, + String paramvalue) { + String param = paramname + "=" + paramvalue; + if (url.indexOf("?") < 0) + return url + "?" + param; + else + return url + "&" + param; + } + } |