diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java index c18984c..fd45a01 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java @@ -44,6 +44,7 @@ import ru.micord.ervu.security.esia.model.EsiaHeader; import ru.micord.ervu.security.esia.model.EsiaTokenResponse; import ru.micord.ervu.security.esia.model.FormUrlencoded; import ru.micord.ervu.security.esia.model.PersonModel; +import ru.micord.ervu.security.esia.model.SignResponse; import ru.micord.ervu.security.esia.EsiaAuthInfoStore; import ru.micord.ervu.security.esia.config.EsiaConfig; import org.springframework.beans.factory.annotation.Autowired; @@ -103,7 +104,6 @@ public class EsiaAuthService { DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx"); ZonedDateTime dt = ZonedDateTime.now(); String timestamp = dt.format(formatter); - String state = UUID.randomUUID().toString(); String prnsUUID = UUID.randomUUID().toString(); Cookie oldPrnsCookie = WebUtils.getCookie(request, PRNS_UUID); if (oldPrnsCookie != null) { @@ -118,10 +118,12 @@ public class EsiaAuthService { parameters.put("client_id", clientId); parameters.put("scope", scope); parameters.put("timestamp", timestamp); - parameters.put("state", state); + parameters.put("state", "%s"); parameters.put("redirect_uri", esiaConfig.getRedirectUrl()); - String clientSecret = signMap(parameters); + SignResponse signResponse = signMap(parameters); + String state = signResponse.getState(); + String clientSecret = signResponse.getSignature(); EsiaAuthInfoStore.addState(prnsUUID, state, esiaConfig.getEsiaStateCookieLifeTime(), esiaConfig.getEsiaLoginAttemptsCount()); Cookie stickySession = WebUtils.getCookie(request, STICKY_SESSION); LOGGER.info("Auth states initialized: PrnsUUID: {}; State: {}; StickySession: {}", prnsUUID, state, @@ -190,7 +192,6 @@ public class EsiaAuthService { DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx"); ZonedDateTime dt = ZonedDateTime.now(); String timestamp = dt.format(formatter); - String newState = UUID.randomUUID().toString(); String redirectUrl = esiaConfig.getRedirectUrl(); String scope = esiaConfig.getEsiaScopes(); @@ -198,13 +199,14 @@ public class EsiaAuthService { parameters.put("client_id", clientId); parameters.put("scope", scope); parameters.put("timestamp", timestamp); - parameters.put("state", newState); + parameters.put("state", "%s"); parameters.put("redirect_uri", redirectUrl); parameters.put("code", esiaAuthCode); - long startTime = System.currentTimeMillis(); - String clientSecret = signMap(parameters); + SignResponse signResponse = signMap(parameters); signSecret = System.currentTimeMillis() - startTime; + String newState = signResponse.getState(); + String clientSecret = signResponse.getSignature(); String authUrl = esiaConfig.getEsiaBaseUri() + esiaConfig.getEsiaTokenUrl(); String postBody = new FormUrlencoded() .setParameter("client_id", clientId) @@ -294,18 +296,19 @@ public class EsiaAuthService { DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx"); ZonedDateTime dt = ZonedDateTime.now(); String timestamp = dt.format(formatter); - String state = UUID.randomUUID().toString(); String redirectUrl = esiaConfig.getRedirectUrl(); Map parameters = new LinkedHashMap(); parameters.put("client_id", clientId); parameters.put("scope", esiaConfig.getEsiaScopes()); parameters.put("timestamp", timestamp); - parameters.put("state", state); + parameters.put("state", "%s"); parameters.put("redirect_uri", esiaConfig.getRedirectUrl()); parameters.put("refresh_token", refreshToken); - String clientSecret = signMap(parameters); + SignResponse signResponse = signMap(parameters); + String state = signResponse.getState(); + String clientSecret = signResponse.getSignature(); String authUrl = esiaConfig.getEsiaBaseUri() + esiaConfig.getEsiaTokenUrl(); String postBody = new FormUrlencoded() .setParameter("client_id", clientId) @@ -358,7 +361,7 @@ public class EsiaAuthService { } } - private String signMap(Map paramsToSign) { + private SignResponse signMap(Map paramsToSign) { try { StringBuilder toSign = new StringBuilder(); for (String s : paramsToSign.values()) { @@ -377,7 +380,7 @@ public class EsiaAuthService { .build() .send(request, HttpResponse.BodyHandlers.ofString()); errorHandler(response); - return response.body(); + return objectMapper.readValue(response.body(), SignResponse.class); } catch (Exception e) { diff --git a/frontend/src/resources/css/inbox-lkrp.css b/frontend/src/resources/css/inbox-lkrp.css index 4dbd3a6..803a966 100644 --- a/frontend/src/resources/css/inbox-lkrp.css +++ b/frontend/src/resources/css/inbox-lkrp.css @@ -290,6 +290,13 @@ body.webbpm.ervu_lkrp_fl { max-width: 85px; overflow: hidden; } + .webbpm.ervu_lkrp_fl .overlay-container { + width: calc(100% - 30px); + } + .webbpm.ervu_lkrp_fl #toast-container .toast-error { + width: 100%; + min-width: auto; + } } /*----------------- Login ---------------- */ @@ -379,8 +386,8 @@ body.webbpm.ervu_lkrp_fl { .webbpm.ervu_lkrp_fl .loader { font-size: 15px; - left: calc(50% - 50px); - top: calc(50% - 50px); + left: calc(50% - 0.4em); + top: calc(50% - 0.4em); width: 0.8em; height: 0.8em; border-radius: 50%; diff --git a/frontend/src/ts/modules/security/guard/auth.guard.ts b/frontend/src/ts/modules/security/guard/auth.guard.ts index 341a012..257fc1b 100644 --- a/frontend/src/ts/modules/security/guard/auth.guard.ts +++ b/frontend/src/ts/modules/security/guard/auth.guard.ts @@ -48,7 +48,6 @@ export abstract class AuthGuard implements CanActivate { return false; } if (code && state) { - this.progressIndicationService.showProgressBar(); const params = new HttpParams().set('code', code).set('state', state); this.httpClient.get("esia/auth", { @@ -62,7 +61,6 @@ export abstract class AuthGuard implements CanActivate { .toPromise() .then( () => { - this.progressIndicationService.hideProgressBar(); window.open(url.origin + url.pathname, "_self"); }) .catch(reason => { @@ -70,8 +68,7 @@ export abstract class AuthGuard implements CanActivate { json.messages.forEach((errorMessage) => { this.messageService.error(errorMessage, json); }) - }) - .finally(() => this.progressIndicationService.hideProgressBar()); + }); return false; } else { diff --git a/resources/src/main/resources/business-model/LK RP FL/mydata.page b/resources/src/main/resources/business-model/LK RP FL/mydata.page index d3f5460..2e50004 100644 --- a/resources/src/main/resources/business-model/LK RP FL/mydata.page +++ b/resources/src/main/resources/business-model/LK RP FL/mydata.page @@ -1069,7 +1069,7 @@ url - "https://www.gosuslugi.ru/" + "https://www.gosuslugi.ru/600284/1/form/" diff --git a/resources/src/main/resources/business-model/LK RP FL/screen-form-fl.page b/resources/src/main/resources/business-model/LK RP FL/screen-form-fl.page index 4c726a2..0109cb6 100644 --- a/resources/src/main/resources/business-model/LK RP FL/screen-form-fl.page +++ b/resources/src/main/resources/business-model/LK RP FL/screen-form-fl.page @@ -4842,7 +4842,7 @@ initialValue - "Если в выписке есть ошибки, подайте \u003ca href\u003d\"https://www.gosuslugi.ru/600595/1/form/\" target\u003d\"_blank\"\u003eзаявление на исправление на Госуслугах\u003c/a\u003e" + "Если в выписке есть ошибки, подайте \u003ca href\u003d\"https://www.gosuslugi.ru/600284/1/form/\" target\u003d\"_blank\"\u003eзаявление на исправление на Госуслугах\u003c/a\u003e"