Commit 8ef2b7c9 authored by Kristjan Kruus's avatar Kristjan Kruus Committed by GitHub

Merge pull request #33 from e-gov/release/v7.4.1

Release/v7.4.1
parents f1e4694d 5d561952
......@@ -12,7 +12,7 @@
<parent>
<groupId>ee.ria.riha</groupId>
<artifactId>browser</artifactId>
<version>7.4</version>
<version>7.4.1</version>
</parent>
<dependencies>
......@@ -66,17 +66,17 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.9.7</version>
<version>2.9.8</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>2.9.7</version>
<version>2.9.8</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>2.9.7</version>
<version>2.9.8</version>
</dependency>
<dependency>
<groupId>com.github.fge</groupId>
......
......@@ -34,8 +34,11 @@ import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.web.access.channel.ChannelProcessingFilter;
import org.springframework.security.web.authentication.logout.HttpStatusReturningLogoutSuccessHandler;
import org.springframework.web.util.UriUtils;
import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.Field;
import java.util.Map;
......@@ -49,6 +52,9 @@ import java.util.Map;
@Slf4j
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
// parameter passed from frontend. Contains the URL from where the login button was clicked.
private static final String REDIRECT_URL_PARAMETER_MARKER = "fromUrl";
@Autowired
private LdapUserDetailsService ldapUserDetailsService;
......@@ -91,7 +97,7 @@ public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
http
.csrf().disable() // needed for JWT verification
.cors().disable()
......@@ -102,7 +108,19 @@ public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
.logout()
.logoutUrl("/logout")
.logoutSuccessHandler((new HttpStatusReturningLogoutSuccessHandler(HttpStatus.OK)))
.and()
.and()
.addFilterBefore((request, response, chain) -> {
if (request instanceof HttpServletRequest && ((HttpServletRequest) request).getRequestURI().contains("/oauth2/authorization/tara")) {
String fromUrlParameter = request.getParameter(REDIRECT_URL_PARAMETER_MARKER);
log.info("authenticate request detected, fromUrl param ({}) is saved to session ", fromUrlParameter);
((HttpServletRequest) request).getSession().setAttribute("fromUrl", fromUrlParameter);
}
chain.doFilter(request, response);
},
ChannelProcessingFilter.class)
.oauth2Login()
.loginPage(applicationProperties.getBaseUrl())
.successHandler((request, response, authentication) -> {
......@@ -111,7 +129,19 @@ public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
((RihaUserDetails) authentication.getPrincipal()).getPersonalCode(),
((RihaUserDetails) authentication.getPrincipal()).getTaraAmr()
);
response.sendRedirect("/Login");
String fromUrl = (String) request.getSession(false).getAttribute("fromUrl");
if (fromUrl != null) {
// fromUrl param has the following format:
// /url?param1=paramValue&param2=param2Value...
// should transform question marks into param delimiters
fromUrl = fromUrl.replaceAll("\\?", "&");
response.sendRedirect("/Login?" + UriUtils.encodePath("fromUrl=" + fromUrl, "UTF-8"));
} else {
response.sendRedirect("/Login");
}
})
.redirectionEndpoint()
.baseUri("/authenticate")
......
package ee.ria.riha.conf;
import org.junit.Test;
import org.springframework.web.util.UriUtils;
import static org.hamcrest.core.Is.is;
import static org.junit.Assert.assertThat;
public class WebSecurityConfigurationTest {
@Test
public void testUrlProperEncoding() {
String encoded = UriUtils.encodePath("infosüsteemid", "UTF-8");
assertThat(encoded, is("infos%C3%BCsteemid"));
}
}
\ No newline at end of file
......@@ -10,7 +10,7 @@
<parent>
<groupId>ee.ria.riha</groupId>
<artifactId>browser</artifactId>
<version>7.4</version>
<version>7.4.1</version>
</parent>
<properties>
......
......@@ -24,42 +24,12 @@
<div class="actions-bar row align-items-center">
<div class="col">
<div class="buttons mt-3 justify-content-end">
<a class="btn btn-primary btn-lg btn-01" href="/oauth2/authorization/tara" role="button">Jätka</a>
<a class="btn btn-primary btn-lg btn-01" href="oauth2/authorization/tara?fromUrl={{getCurrentUrl()}}" role="button">Jätka</a>
</div>
</div>
</div>
</div>
</div>
<!--div class="card card-alt">
<form>
<div class="card-title">
Sisenege Mobiil ID-ga
</div>
<div class="card-block">
<div class="form-group row">
<label for="personal-code-input" class="col col-form-label text-sm-right">Isikukood</label>
<div class="col">
<input class="form-control" type="text" id="personal-code-input">
</div>
</div>
<div class="form-group row">
<label for="phone-number-input" class="col col-form-label text-sm-right">Telefoninumber</label>
<div class="col">
<input class="form-control" type="text" id="phone-number-input">
</div>
</div>
</div>
<div class="card-footer">
<div class="actions-bar row align-items-center">
<div class="col">
<div class="buttons mt-0 justify-content-end">
<a class="btn btn-primary btn-lg btn-01" [routerLink]="'/'" role="button">Jätka</a>
</div>
</div>
</div>
</div>
</form>
</div -->
</div>
</div>
</div>
......
......@@ -22,7 +22,7 @@ export class LoginFormComponent implements OnInit {
this.environmentService.doLogin().then(res => {
this.environmentService.loadEnvironmentData().then(res => {
this.sessionHelper.refreshSessionTimer();
let prevLocation = this.environmentService.getPrevVisitedLocation();
let prevLocation = this.router.routerState.snapshot.root.queryParams.fromUrl;
if (prevLocation){
this.router.navigate([decodeURIComponent(prevLocation)]);
} else {
......@@ -72,6 +72,10 @@ export class LoginFormComponent implements OnInit {
}
getCurrentUrl() {
return this.router.url;
}
ngOnInit() {
this.generalHelperService.setRihaPageTitle('Portaali sisenemine');
}
......
......@@ -4,7 +4,7 @@
</div>
<div class="right d-flex align-items-center">
<a href="/oauth2/authorization/tara" *ngIf="!isUserLoggedIn()" class="btn btn-primary btn-sm">
<a href="/oauth2/authorization/tara?fromUrl={{getCurrentUrl()}}" *ngIf="!isUserLoggedIn()" class="btn btn-primary btn-sm">
<span>Logi Sisse</span>
<span class="fa fa-user"></span>
</a>
......
......@@ -25,6 +25,10 @@ export class RihaNavbarComponent implements OnInit {
return new Date().getSeconds();
}
getCurrentUrl() {
return this.router.url;
}
/*
* TODO: replace with routerLinkActive
* in version 4.1.3 it seems to be broken when working with queryParams,
......
<section class="col card p-3 main-content">
<div class="my-1">
<p>
Sinu sessioon on lõppenud. Tegevuste jätkamiseks <a href="#" (click)="goToLogin()">logi uuesti sisse</a> või jätka autentimata
Sinu sessioon on lõppenud. Tegevuste jätkamiseks <a href="oauth2/authorization/tara?fromUrl={{getCurrentUrl()}}" role="button">logi uuesti sisse</a> või jätka autentimata
</p>
</div>
</section>
import { Component, OnInit } from '@angular/core';
import { Router } from '@angular/router';
import { ModalHelperService } from '../../../services/modal-helper.service';
import {Component, OnInit} from '@angular/core';
import {Router} from '@angular/router';
import {ModalHelperService} from '../../../services/modal-helper.service';
@Component({
selector: 'app-info-modal',
......@@ -21,4 +21,8 @@ export class InfoModalComponent implements OnInit {
ngOnInit() {
}
getCurrentUrl() {
return this.router.url;
}
}
......@@ -5,7 +5,7 @@
<groupId>ee.ria.riha</groupId>
<artifactId>browser</artifactId>
<version>7.4</version>
<version>7.4.1</version>
<packaging>pom</packaging>
<name>RIHA-Browser</name>
......@@ -14,7 +14,7 @@
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.1.1.RELEASE</version>
<version>2.1.2.RELEASE</version>
<relativePath/>
</parent>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment