Skip to content
This repository has been archived by the owner on Aug 10, 2021. It is now read-only.

Commit

Permalink
Merge branch 'develop'
Browse files Browse the repository at this point in the history
  • Loading branch information
@priitr
priitr committed May 30, 2019
2 parents 628c569 + d7e1706 commit c2b5028
Show file tree
Hide file tree
Showing 4 changed files with 10 additions and 9 deletions.
4 changes: 2 additions & 2 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
<groupId>ee.ria.tara</groupId>
<artifactId>tara-server</artifactId>
<packaging>war</packaging>
<version>1.4.7</version>
<version>1.4.8</version>

<properties>
<cas.version>5.3.9</cas.version>
Expand Down Expand Up @@ -138,7 +138,7 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.9.8</version>
<version>2.9.9</version>
</dependency>

<dependency>
Expand Down
9 changes: 5 additions & 4 deletions src/main/java/ee/ria/sso/oidc/OidcAuthorizeRequestValidationServletFilter.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,13 +14,14 @@
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;

import static java.nio.charset.StandardCharsets.UTF_8;

@Slf4j
@AllArgsConstructor
public class OidcAuthorizeRequestValidationServletFilter implements Filter {
Expand Down Expand Up @@ -62,11 +63,11 @@ private String getRedirectUrlToRelyingParty(HttpServletRequest request, OidcAuth
StringBuilder sb = new StringBuilder();
sb.append(redirectUri);
sb.append(redirectUri.contains("?") ? "&" : "?");
sb.append(String.format("error=%s", URLEncoder.encode(e.getErrorCode(), StandardCharsets.UTF_8.name())));
sb.append(String.format("&error_description=%s", URLEncoder.encode(e.getErrorDescription(), StandardCharsets.UTF_8.name())));
sb.append(String.format("error=%s", URLEncoder.encode(e.getErrorCode(), UTF_8.name())));
sb.append(String.format("&error_description=%s", URLEncoder.encode(e.getErrorDescription(), UTF_8.name())));
String state = request.getParameter(OidcAuthorizeRequestParameter.STATE.getParameterKey());
if (StringUtils.isNotBlank(state)) {
sb.append(String.format("&state=%s", state));
sb.append(String.format("&state=%s", URLEncoder.encode(state, UTF_8.name())));
}

return sb.toString();
Expand Down
2 changes: 1 addition & 1 deletion src/main/webapp/WEB-INF/classes/templates/fragments/head.html
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<head xmlns:th="http://www.w3.org/1999/xhtml">
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="icon" th:href="@{/favicon.ico}" type="image/x-icon"/>
<link rel="icon" href="/favicon.ico" type="image/x-icon"/>
<link rel="stylesheet" href="/styles/main.css">
<title th:text="#{label.page.title}"></title>
</head>
4 changes: 2 additions & 2 deletions src/test/java/ee/ria/sso/oidc/OidcAuthorizeRequestValidationServletFilterTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -225,7 +225,7 @@ private void assertExceptionThrownWhenParameterValidationFails(OidcAuthorizeRequ
private void assertRedirectWhenParameterValidationFails(String redirectUri, String expectedDelimiter, OidcAuthorizeRequestParameter... parameters) throws IOException, ServletException {
MockHttpServletRequest servletRequest = new MockHttpServletRequest();
servletRequest.addParameter("redirect_uri", redirectUri);
servletRequest.addParameter("state", "123456789abcdefghjiklmn");
servletRequest.addParameter("state", "123456789abcdefghjiklmn&additional=1");

for (OidcAuthorizeRequestParameter parameter : parameters) {
Mockito.doThrow(new OidcAuthorizeRequestValidator.InvalidRequestException(parameter, "test", "test description")).when(oidcRequestValidator).validateAuthenticationRequestParameters(Mockito.any());
Expand All @@ -234,7 +234,7 @@ private void assertRedirectWhenParameterValidationFails(String redirectUri, Stri
servletFilter.doFilter(servletRequest, servletResponse, Mockito.mock(FilterChain.class));

Assert.assertEquals(302, servletResponse.getStatus());
Assert.assertEquals(redirectUri + expectedDelimiter + "error=test&error_description=test+description&state=123456789abcdefghjiklmn", servletResponse.getRedirectedUrl());
Assert.assertEquals(redirectUri + expectedDelimiter + "error=test&error_description=test+description&state=123456789abcdefghjiklmn%26additional%3D1", servletResponse.getRedirectedUrl());
}
}

Expand Down

0 comments on commit c2b5028

Please sign in to comment.