Merge remote-tracking branch 'origin/develop' into feature/SUPPORT-9164

2025-05-15 10:10:27 +03:00 · 2025-05-15 10:10:27 +03:00 · 2267640ded
commit 2267640ded
parent f6b0561412 a61672198f
5 changed files with 27 additions and 20 deletions
--- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
+++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
@ -44,6 +44,7 @@ import ru.micord.ervu.security.esia.model.EsiaHeader;
 import ru.micord.ervu.security.esia.model.EsiaTokenResponse;
 import ru.micord.ervu.security.esia.model.FormUrlencoded;
 import ru.micord.ervu.security.esia.model.PersonModel;
+import ru.micord.ervu.security.esia.model.SignResponse;
 import ru.micord.ervu.security.esia.EsiaAuthInfoStore;
 import ru.micord.ervu.security.esia.config.EsiaConfig;
 import org.springframework.beans.factory.annotation.Autowired;
@ -103,7 +104,6 @@ public class EsiaAuthService {
      DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx");
      ZonedDateTime dt = ZonedDateTime.now();
      String timestamp = dt.format(formatter);
-      String state = UUID.randomUUID().toString();
      String prnsUUID = UUID.randomUUID().toString();
      Cookie oldPrnsCookie =  WebUtils.getCookie(request, PRNS_UUID);
      if (oldPrnsCookie != null) {
@ -118,10 +118,12 @@ public class EsiaAuthService {
      parameters.put("client_id", clientId);
      parameters.put("scope", scope);
      parameters.put("timestamp", timestamp);
-      parameters.put("state", state);
+      parameters.put("state", "%s");
      parameters.put("redirect_uri", esiaConfig.getRedirectUrl());

-      String clientSecret = signMap(parameters);
+      SignResponse signResponse = signMap(parameters);
+      String state = signResponse.getState();
+      String clientSecret = signResponse.getSignature();
      EsiaAuthInfoStore.addState(prnsUUID, state, esiaConfig.getEsiaStateCookieLifeTime(), esiaConfig.getEsiaLoginAttemptsCount());
      Cookie stickySession =  WebUtils.getCookie(request, STICKY_SESSION);
      LOGGER.info("Auth states initialized: PrnsUUID: {}; State: {}; StickySession: {}", prnsUUID, state,
@ -190,7 +192,6 @@ public class EsiaAuthService {
      DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx");
      ZonedDateTime dt = ZonedDateTime.now();
      String timestamp = dt.format(formatter);
-      String newState = UUID.randomUUID().toString();
      String redirectUrl = esiaConfig.getRedirectUrl();
      String scope = esiaConfig.getEsiaScopes();

@ -198,13 +199,14 @@ public class EsiaAuthService {
      parameters.put("client_id", clientId);
      parameters.put("scope", scope);
      parameters.put("timestamp", timestamp);
-      parameters.put("state", newState);
+      parameters.put("state", "%s");
      parameters.put("redirect_uri", redirectUrl);
      parameters.put("code", esiaAuthCode);
-
      long startTime = System.currentTimeMillis();
-      String clientSecret = signMap(parameters);
+      SignResponse signResponse = signMap(parameters);
      signSecret = System.currentTimeMillis() - startTime;
+      String newState = signResponse.getState();
+      String clientSecret = signResponse.getSignature();
      String authUrl = esiaConfig.getEsiaBaseUri() + esiaConfig.getEsiaTokenUrl();
      String postBody = new FormUrlencoded()
          .setParameter("client_id", clientId)
@ -294,18 +296,19 @@ public class EsiaAuthService {
      DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx");
      ZonedDateTime dt = ZonedDateTime.now();
      String timestamp = dt.format(formatter);
-      String state = UUID.randomUUID().toString();
      String redirectUrl = esiaConfig.getRedirectUrl();

      Map<String, String> parameters = new LinkedHashMap<String, String>();
      parameters.put("client_id", clientId);
      parameters.put("scope", esiaConfig.getEsiaScopes());
      parameters.put("timestamp", timestamp);
-      parameters.put("state", state);
+      parameters.put("state", "%s");
      parameters.put("redirect_uri", esiaConfig.getRedirectUrl());
      parameters.put("refresh_token", refreshToken);

-      String clientSecret = signMap(parameters);
+      SignResponse signResponse = signMap(parameters);
+      String state = signResponse.getState();
+      String clientSecret = signResponse.getSignature();
      String authUrl = esiaConfig.getEsiaBaseUri() + esiaConfig.getEsiaTokenUrl();
      String postBody = new FormUrlencoded()
          .setParameter("client_id", clientId)
@ -358,7 +361,7 @@ public class EsiaAuthService {
    }
  }

-  private String signMap(Map<String, String> paramsToSign) {
+  private SignResponse signMap(Map<String, String> paramsToSign) {
    try {
      StringBuilder toSign = new StringBuilder();
      for (String s : paramsToSign.values()) {
@ -377,7 +380,7 @@ public class EsiaAuthService {
          .build()
          .send(request, HttpResponse.BodyHandlers.ofString());
      errorHandler(response);
-      return response.body();
+      return objectMapper.readValue(response.body(), SignResponse.class);

    }
    catch (Exception e) {
--- a/frontend/src/resources/css/inbox-lkrp.css
+++ b/frontend/src/resources/css/inbox-lkrp.css
@ -290,6 +290,13 @@ body.webbpm.ervu_lkrp_fl {
        max-width: 85px;
        overflow: hidden;
    }
+    .webbpm.ervu_lkrp_fl .overlay-container {
+        width: calc(100% - 30px);
+    }
+    .webbpm.ervu_lkrp_fl #toast-container .toast-error {
+        width: 100%;
+        min-width: auto;
+    }    
 }

 /*----------------- Login ---------------- */
@ -379,8 +386,8 @@ body.webbpm.ervu_lkrp_fl {

 .webbpm.ervu_lkrp_fl .loader {
    font-size: 15px;
-    left: calc(50% - 50px);
-    top: calc(50% - 50px);
+    left: calc(50% - 0.4em);
+    top: calc(50% - 0.4em);
    width: 0.8em;
    height: 0.8em;
    border-radius: 50%;
--- a/frontend/src/ts/modules/security/guard/auth.guard.ts
+++ b/frontend/src/ts/modules/security/guard/auth.guard.ts
@ -48,7 +48,6 @@ export abstract class AuthGuard implements CanActivate {
        return false;
      }
      if (code && state) {
-        this.progressIndicationService.showProgressBar();
        const params = new HttpParams().set('code', code).set('state', state);
        this.httpClient.get("esia/auth",
                            {
@ -62,7 +61,6 @@ export abstract class AuthGuard implements CanActivate {
            .toPromise()
            .then(
                () => {
-                  this.progressIndicationService.hideProgressBar();
                  window.open(url.origin + url.pathname, "_self");
                })
            .catch(reason => {
@ -70,8 +68,7 @@ export abstract class AuthGuard implements CanActivate {
              json.messages.forEach((errorMessage) => {
                this.messageService.error(errorMessage, json);
              })
-            })
-            .finally(() => this.progressIndicationService.hideProgressBar());
+            });
        return false;
      }
      else {
--- a/resources/src/main/resources/business-model/LK
+++ b/resources/src/main/resources/business-model/LK
@ -1069,7 +1069,7 @@
        <entry>
            <key>url</key>
            <value>
-                <simple>"https://www.gosuslugi.ru/"</simple>
+                <simple>"https://www.gosuslugi.ru/600284/1/form/"</simple>
            </value>
        </entry>
    </properties>
--- a/resources/src/main/resources/business-model/LK
+++ b/resources/src/main/resources/business-model/LK
@ -4842,7 +4842,7 @@
 <entry>
    <key>initialValue</key>
    <value>
-        <simple>"Если в выписке есть ошибки, подайте \u003ca href\u003d\"https://www.gosuslugi.ru/600595/1/form/\" target\u003d\"_blank\"\u003eзаявление на исправление на Госуслугах\u003c/a\u003e"</simple>
+        <simple>"Если в выписке есть ошибки, подайте \u003ca href\u003d\"https://www.gosuslugi.ru/600284/1/form/\" target\u003d\"_blank\"\u003eзаявление на исправление на Госуслугах\u003c/a\u003e"</simple>
    </value>
 </entry>
 <entry>