From fc5edba37c9a7167204ef86d8ffb180da26db1ad Mon Sep 17 00:00:00 2001 From: Eduard Tihomirov Date: Thu, 27 Feb 2025 11:06:04 +0300 Subject: [PATCH 1/9] return SUPPORT-8822 --- .../esia/service/EsiaAuthService.java | 28 +++++++++++-------- 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java index 076100e..052ba6d 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java @@ -43,7 +43,9 @@ import ru.micord.ervu.security.esia.model.EsiaHeader; import ru.micord.ervu.security.esia.model.EsiaTokenResponse; import ru.micord.ervu.security.esia.model.FormUrlencoded; import ru.micord.ervu.security.esia.model.PersonModel; +import ru.micord.ervu.security.esia.model.SignResponse; import ru.micord.ervu.security.esia.EsiaAuthInfoStore; +import ru.micord.ervu.security.esia.model.SignResponse; import ru.micord.ervu.security.esia.config.EsiaConfig; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpHeaders; @@ -103,7 +105,6 @@ public class EsiaAuthService { DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx"); ZonedDateTime dt = ZonedDateTime.now(); String timestamp = dt.format(formatter); - String state = UUID.randomUUID().toString(); String prnsUUID = UUID.randomUUID().toString(); String redirectUrl = esiaConfig.getRedirectUrl(); String redirectUrlEncoded = redirectUrl.replaceAll(":", "%3A") @@ -114,10 +115,12 @@ public class EsiaAuthService { parameters.put("client_id", clientId); parameters.put("scope", scope); parameters.put("timestamp", timestamp); - parameters.put("state", state); + parameters.put("state", "%s"); parameters.put("redirect_uri", esiaConfig.getRedirectUrl()); - String clientSecret = signMap(parameters); + SignResponse signResponse = signMap(parameters); + String state = signResponse.getState(); + String clientSecret = signResponse.getSignature(); EsiaAuthInfoStore.addState(prnsUUID, state, esiaConfig.getEsiaStateCookieLifeTime()); ResponseCookie prnsCookie = securityHelper.createCookie(PRNS_UUID, prnsUUID, "/") .maxAge(esiaConfig.getEsiaStateCookieLifeTime()) @@ -185,7 +188,6 @@ public class EsiaAuthService { DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx"); ZonedDateTime dt = ZonedDateTime.now(); String timestamp = dt.format(formatter); - String newState = UUID.randomUUID().toString(); String redirectUrl = esiaConfig.getRedirectUrl(); String scope = esiaConfig.getEsiaScopes(); @@ -193,13 +195,14 @@ public class EsiaAuthService { parameters.put("client_id", clientId); parameters.put("scope", scope); parameters.put("timestamp", timestamp); - parameters.put("state", newState); + parameters.put("state", "%s"); parameters.put("redirect_uri", redirectUrl); parameters.put("code", esiaAuthCode); - long startTime = System.currentTimeMillis(); - String clientSecret = signMap(parameters); + SignResponse signResponse = signMap(parameters); signSecret = System.currentTimeMillis() - startTime; + String newState = signResponse.getState(); + String clientSecret = signResponse.getSignature(); String authUrl = esiaConfig.getEsiaBaseUri() + esiaConfig.getEsiaTokenUrl(); String postBody = new FormUrlencoded() .setParameter("client_id", clientId) @@ -289,18 +292,19 @@ public class EsiaAuthService { DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx"); ZonedDateTime dt = ZonedDateTime.now(); String timestamp = dt.format(formatter); - String state = UUID.randomUUID().toString(); String redirectUrl = esiaConfig.getRedirectUrl(); Map parameters = new LinkedHashMap(); parameters.put("client_id", clientId); parameters.put("scope", esiaConfig.getEsiaScopes()); parameters.put("timestamp", timestamp); - parameters.put("state", state); + parameters.put("state", "%s"); parameters.put("redirect_uri", esiaConfig.getRedirectUrl()); parameters.put("refresh_token", refreshToken); - String clientSecret = signMap(parameters); + SignResponse signResponse = signMap(parameters); + String state = signResponse.getState(); + String clientSecret = signResponse.getSignature(); String authUrl = esiaConfig.getEsiaBaseUri() + esiaConfig.getEsiaTokenUrl(); String postBody = new FormUrlencoded() .setParameter("client_id", clientId) @@ -350,7 +354,7 @@ public class EsiaAuthService { } } - private String signMap(Map paramsToSign) { + private SignResponse signMap(Map paramsToSign) { try { StringBuilder toSign = new StringBuilder(); for (String s : paramsToSign.values()) { @@ -369,7 +373,7 @@ public class EsiaAuthService { .build() .send(request, HttpResponse.BodyHandlers.ofString()); errorHandler(response); - return response.body(); + return objectMapper.readValue(response.body(), SignResponse.class); } catch (Exception e) { From 9a2fdef3dc22b3163ab08af1ab7115aff80d4cd5 Mon Sep 17 00:00:00 2001 From: kochetkov Date: Mon, 12 May 2025 11:07:17 +0300 Subject: [PATCH 2/9] SUPPORT-9164 add progress bar --- frontend/src/ts/modules/security/guard/auth.guard.ts | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/frontend/src/ts/modules/security/guard/auth.guard.ts b/frontend/src/ts/modules/security/guard/auth.guard.ts index fb1b936..427904d 100644 --- a/frontend/src/ts/modules/security/guard/auth.guard.ts +++ b/frontend/src/ts/modules/security/guard/auth.guard.ts @@ -2,7 +2,7 @@ import {Injectable} from "@angular/core"; import {ActivatedRouteSnapshot, CanActivate, Router, RouterStateSnapshot} from "@angular/router"; import {Observable} from "rxjs"; import {HttpClient, HttpParams} from "@angular/common/http"; -import {MessagesService} from "@webbpm/base-package"; +import {MessagesService, ProgressIndicationService} from "@webbpm/base-package"; import {AuthenticationService} from "../authentication.service"; import {EsiaErrorDetail} from "../EsiaErrorDetail"; @@ -13,6 +13,7 @@ export abstract class AuthGuard implements CanActivate { protected router: Router, private httpClient: HttpClient, private authenticationService: AuthenticationService, + private progressIndicationService: ProgressIndicationService, private messageService: MessagesService ) { } @@ -44,6 +45,7 @@ export abstract class AuthGuard implements CanActivate { return false; } if (code && state) { + this.progressIndicationService.showProgressBar(); const params = new HttpParams().set('code', code).set('state', state); this.httpClient.get("esia/auth", { @@ -57,6 +59,7 @@ export abstract class AuthGuard implements CanActivate { .toPromise() .then( () => { + this.progressIndicationService.hideProgressBar(); window.open(url.origin + url.pathname, "_self"); }) .catch(reason => { @@ -64,7 +67,8 @@ export abstract class AuthGuard implements CanActivate { json.messages.forEach((errorMessage) => { this.messageService.error(errorMessage, json); }) - }); + }) + .finally(() => this.progressIndicationService.hideProgressBar()); return false; } else { From 906a897372d92291b5474173c79cf76f47759e2a Mon Sep 17 00:00:00 2001 From: kochetkov Date: Mon, 12 May 2025 11:15:52 +0300 Subject: [PATCH 3/9] SUPPORT-9164 fix --- .../ru/micord/ervu/security/esia/service/EsiaAuthService.java | 2 +- .../ervu/security/webbpm/jwt/helper/SecurityHelper.java | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java index 6a1d03f..40ce84d 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java @@ -126,7 +126,7 @@ public class EsiaAuthService { String clientSecret = signMap(parameters); EsiaAuthInfoStore.addState(prnsUUID, state, esiaConfig.getEsiaStateCookieLifeTime(), esiaConfig.getEsiaLoginAttemptsCount()); - ResponseCookie prnsCookie = securityHelper.createCookie(PRNS_UUID, prnsUUID, "/") + ResponseCookie prnsCookie = securityHelper.createAccessCookie(PRNS_UUID, prnsUUID) .maxAge(esiaConfig.getEsiaStateCookieLifeTime()) .build(); securityHelper.addResponseCookie(response, prnsCookie); diff --git a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java index 3f002db..ec240df 100644 --- a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java +++ b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java @@ -92,4 +92,8 @@ public final class SecurityHelper { .secure(accessCookieSecure) .sameSite(accessCookieSameSite); } + + public ResponseCookie.ResponseCookieBuilder createAccessCookie(String name, String value) { + return createCookie(name, value, accessCookiePath); + } } From aeeb8422dcad31cd93fcb157ebbc4f28c4bdcc9d Mon Sep 17 00:00:00 2001 From: Eduard Tihomirov Date: Tue, 13 May 2025 10:09:43 +0300 Subject: [PATCH 4/9] SUPPORT-9164: Fix --- .../ervu/security/esia/EsiaAuthInfoStore.java | 15 ++++++++++----- .../security/esia/service/EsiaAuthService.java | 13 +++---------- .../webbpm/jwt/helper/SecurityHelper.java | 10 +++++++--- 3 files changed, 20 insertions(+), 18 deletions(-) diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java b/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java index 20889a3..ad9ec56 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java @@ -105,19 +105,24 @@ public class EsiaAuthInfoStore { }); } - public static boolean containsState(String prnsUUID, String state) { + public static String getNotContainsStateErrorMessage(String prnsUUID, String state) { List states = PRNS_UUID_STATE_MAP.get(prnsUUID); if (states == null) { - return false; + return "State invalid. No state found for prnsUUID: " + prnsUUID; } long currentTime = System.currentTimeMillis(); - states.removeIf(expiringState -> expiringState.getExpiryTime() < currentTime); + + StringBuilder statesStringBuilder = new StringBuilder(); for (ExpiringState expiringState : states) { if (expiringState.getState().equals(state)) { - return true; + if (expiringState.getExpiryTime() < currentTime) { + return "State invalid. State : " + state + " expired at : " + expiringState.getExpiryTime(); + } + return null; } + statesStringBuilder.append(expiringState.getState(), 0, 8).append(", "); } - return false; + return "State invalid. Backend states :" + statesStringBuilder + " cookie state :" + state; } public static void removeState(String prnsUUID) { diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java index 40ce84d..a0354da 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java @@ -34,8 +34,6 @@ import org.springframework.security.core.context.SecurityContext; import ru.micord.ervu.audit.constants.AuditConstants; import ru.micord.ervu.audit.service.AuditService; import org.springframework.web.util.WebUtils; -import ru.micord.ervu.audit.constants.AuditConstants; -import ru.micord.ervu.audit.service.AuditService; import ru.micord.ervu.kafka.model.Document; import ru.micord.ervu.kafka.model.Person; import ru.micord.ervu.kafka.model.Response; @@ -60,9 +58,6 @@ import ru.micord.ervu.security.webbpm.jwt.model.Token; import ru.cg.webbpm.modules.core.runtime.api.MessageBundleUtils; -import static ru.micord.ervu.security.webbpm.jwt.util.SecurityUtil.getCurrentUserEsiaId; -import ru.cg.webbpm.modules.core.runtime.api.MessageBundleUtils; - /** * @author Eduard Tihomirov */ @@ -527,11 +522,9 @@ public class EsiaAuthService { return "State invalid. Cookie not found"; } String prnsUUID = cookie.getValue(); - if (!EsiaAuthInfoStore.containsState(prnsUUID, state)) { - return "State invalid. State from ESIA not equals with state before"; - } + String errorMessage = EsiaAuthInfoStore.getNotContainsStateErrorMessage(prnsUUID, state); EsiaAuthInfoStore.removeState(prnsUUID); - securityHelper.clearCookie(response, PRNS_UUID, "/"); - return null; + securityHelper.clearAccessCookie(response, PRNS_UUID); + return errorMessage; } } diff --git a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java index ec240df..e552348 100644 --- a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java +++ b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java @@ -26,6 +26,7 @@ public final class SecurityHelper { private boolean accessCookieSecure; @Value("${cookie.same.site:Lax}") private String accessCookieSameSite; + private static final String PRNS_UUID = "prns_uuid"; @PostConstruct private void init() { @@ -36,9 +37,7 @@ public final class SecurityHelper { } public void clearAccessCookies(HttpServletResponse response) { - ResponseCookie emptyAuthToken = createCookie(AUTH_TOKEN, null, accessCookiePath) - .maxAge(0).build(); - addResponseCookie(response, emptyAuthToken); + clearCookie(response, AUTH_TOKEN, accessCookiePath); ResponseCookie emptyAuthMarker = createCookie(AUTH_MARKER, null, "/") .maxAge(0) @@ -46,6 +45,7 @@ public final class SecurityHelper { .httpOnly(false) .build(); addResponseCookie(response, emptyAuthMarker); + clearCookie(response, PRNS_UUID, accessCookiePath); } public void clearCookie(HttpServletResponse response, String name, String path) { @@ -96,4 +96,8 @@ public final class SecurityHelper { public ResponseCookie.ResponseCookieBuilder createAccessCookie(String name, String value) { return createCookie(name, value, accessCookiePath); } + + public void clearAccessCookie(HttpServletResponse response, String name) { + clearCookie(response, name, accessCookiePath); + } } From 5d6709e97d037fb40829ef014a205c91b677d01c Mon Sep 17 00:00:00 2001 From: Eduard Tihomirov Date: Tue, 13 May 2025 12:34:22 +0300 Subject: [PATCH 5/9] SUPPORT-9164: Fix --- .../ervu/security/SecurityConstants.java | 3 +++ .../ervu/security/esia/EsiaAuthInfoStore.java | 11 +++++---- .../esia/service/EsiaAuthService.java | 23 ++++++++++--------- .../webbpm/jwt/helper/SecurityHelper.java | 6 ++--- .../webbpm/jwt/util/SecurityUtil.java | 5 ++-- 5 files changed, 26 insertions(+), 22 deletions(-) diff --git a/backend/src/main/java/ru/micord/ervu/security/SecurityConstants.java b/backend/src/main/java/ru/micord/ervu/security/SecurityConstants.java index 1853716..feafe00 100644 --- a/backend/src/main/java/ru/micord/ervu/security/SecurityConstants.java +++ b/backend/src/main/java/ru/micord/ervu/security/SecurityConstants.java @@ -2,4 +2,7 @@ package ru.micord.ervu.security; public class SecurityConstants { public static final String ESIA_LOGOUT = "/esia/logout"; + public static final String AUTH_TOKEN = "auth_token"; + public static final String AUTH_MARKER = "webbpm.ervu-lkrp-fl"; + public static final String PRNS_UUID = "prns_uuid_fl"; } diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java b/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java index ad9ec56..b05860f 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java @@ -9,6 +9,7 @@ import java.util.concurrent.CopyOnWriteArrayList; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.context.support.MessageSourceAccessor; +import ru.micord.ervu.security.esia.exception.EsiaException; import ru.micord.ervu.security.esia.model.ExpiringState; import ru.micord.ervu.security.esia.model.ExpiringToken; @@ -105,10 +106,10 @@ public class EsiaAuthInfoStore { }); } - public static String getNotContainsStateErrorMessage(String prnsUUID, String state) { + public static void validateState(String prnsUUID, String state) { List states = PRNS_UUID_STATE_MAP.get(prnsUUID); if (states == null) { - return "State invalid. No state found for prnsUUID: " + prnsUUID; + throw new EsiaException("State invalid. No state found"); } long currentTime = System.currentTimeMillis(); @@ -116,13 +117,13 @@ public class EsiaAuthInfoStore { for (ExpiringState expiringState : states) { if (expiringState.getState().equals(state)) { if (expiringState.getExpiryTime() < currentTime) { - return "State invalid. State : " + state + " expired at : " + expiringState.getExpiryTime(); + throw new EsiaException("State invalid. State : " + state + " expired at : " + expiringState.getExpiryTime()); } - return null; + return; } statesStringBuilder.append(expiringState.getState(), 0, 8).append(", "); } - return "State invalid. Backend states :" + statesStringBuilder + " cookie state :" + state; + throw new EsiaException("State invalid. Backend states :" + statesStringBuilder + " cookie state :" + state); } public static void removeState(String prnsUUID) { diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java index a0354da..891b501 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java @@ -58,6 +58,8 @@ import ru.micord.ervu.security.webbpm.jwt.model.Token; import ru.cg.webbpm.modules.core.runtime.api.MessageBundleUtils; +import static ru.micord.ervu.security.SecurityConstants.PRNS_UUID; + /** * @author Eduard Tihomirov */ @@ -66,7 +68,6 @@ public class EsiaAuthService { private static final Logger LOGGER = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass()); private static final MessageSourceAccessor MESSAGE_SOURCE = MessageBundleUtils.createAccessor( "messages/common_errors_messages"); - private static final String PRNS_UUID = "prns_uuid"; @Autowired private ObjectMapper objectMapper; @@ -178,10 +179,7 @@ public class EsiaAuthService { String prnOid = null; Long expiresIn = null; long signSecret = 0, requestAccessToken = 0, verifySecret = 0; - String verifyStateResult = verifyStateFromCookie(request, state, response); - if (verifyStateResult != null) { - throw new EsiaException(verifyStateResult); - } + verifyStateFromCookie(request, state, response); try { String clientId = esiaConfig.getClientId(); DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx"); @@ -516,15 +514,18 @@ public class EsiaAuthService { } } - private String verifyStateFromCookie(HttpServletRequest request, String state, HttpServletResponse response) { + private void verifyStateFromCookie(HttpServletRequest request, String state, HttpServletResponse response) { Cookie cookie = WebUtils.getCookie(request, PRNS_UUID); if (cookie == null) { - return "State invalid. Cookie not found"; + throw new RuntimeException("State invalid. Cookie not found"); } String prnsUUID = cookie.getValue(); - String errorMessage = EsiaAuthInfoStore.getNotContainsStateErrorMessage(prnsUUID, state); - EsiaAuthInfoStore.removeState(prnsUUID); - securityHelper.clearAccessCookie(response, PRNS_UUID); - return errorMessage; + try { + EsiaAuthInfoStore.validateState(prnsUUID, state); + } + finally { + EsiaAuthInfoStore.removeState(prnsUUID); + securityHelper.clearAccessCookie(response, PRNS_UUID); + } } } diff --git a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java index e552348..20cfe7a 100644 --- a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java +++ b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java @@ -14,8 +14,9 @@ import org.springframework.web.context.request.RequestAttributes; import org.springframework.web.context.request.RequestContextHolder; import static org.springframework.web.context.request.RequestAttributes.REFERENCE_REQUEST; -import static ru.micord.ervu.security.webbpm.jwt.util.SecurityUtil.AUTH_MARKER; -import static ru.micord.ervu.security.webbpm.jwt.util.SecurityUtil.AUTH_TOKEN; +import static ru.micord.ervu.security.SecurityConstants.AUTH_MARKER; +import static ru.micord.ervu.security.SecurityConstants.AUTH_TOKEN; +import static ru.micord.ervu.security.SecurityConstants.PRNS_UUID; public final class SecurityHelper { @Value("${cookie.path:#{null}}") @@ -26,7 +27,6 @@ public final class SecurityHelper { private boolean accessCookieSecure; @Value("${cookie.same.site:Lax}") private String accessCookieSameSite; - private static final String PRNS_UUID = "prns_uuid"; @PostConstruct private void init() { diff --git a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/util/SecurityUtil.java b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/util/SecurityUtil.java index d1dcafe..08cc035 100644 --- a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/util/SecurityUtil.java +++ b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/util/SecurityUtil.java @@ -10,10 +10,9 @@ import org.springframework.web.util.WebUtils; import ru.micord.ervu.security.webbpm.jwt.JwtAuthentication; import ru.micord.ervu.security.webbpm.jwt.UserIdsPair; -public final class SecurityUtil { - public static final String AUTH_TOKEN = "auth_token"; +import static ru.micord.ervu.security.SecurityConstants.AUTH_TOKEN; - public static final String AUTH_MARKER = "webbpm.ervu-lkrp-fl"; +public final class SecurityUtil { private SecurityUtil() { //empty From 488174e1d67117ad0a5ed6092329b10890d2729a Mon Sep 17 00:00:00 2001 From: Eduard Tihomirov Date: Tue, 13 May 2025 12:40:07 +0300 Subject: [PATCH 6/9] SUPPORT-9164: Fix --- .../ru/micord/ervu/security/esia/service/EsiaAuthService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java index 891b501..e5c2588 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java @@ -517,7 +517,7 @@ public class EsiaAuthService { private void verifyStateFromCookie(HttpServletRequest request, String state, HttpServletResponse response) { Cookie cookie = WebUtils.getCookie(request, PRNS_UUID); if (cookie == null) { - throw new RuntimeException("State invalid. Cookie not found"); + throw new EsiaException("State invalid. Cookie not found"); } String prnsUUID = cookie.getValue(); try { From c5b5f1f1e88656465103d12fd6aca33aab09fca2 Mon Sep 17 00:00:00 2001 From: Eduard Tihomirov Date: Tue, 13 May 2025 16:56:18 +0300 Subject: [PATCH 7/9] fix --- frontend/src/ts/modules/security/guard/auth.guard.ts | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/frontend/src/ts/modules/security/guard/auth.guard.ts b/frontend/src/ts/modules/security/guard/auth.guard.ts index 427904d..13d4224 100644 --- a/frontend/src/ts/modules/security/guard/auth.guard.ts +++ b/frontend/src/ts/modules/security/guard/auth.guard.ts @@ -45,7 +45,6 @@ export abstract class AuthGuard implements CanActivate { return false; } if (code && state) { - this.progressIndicationService.showProgressBar(); const params = new HttpParams().set('code', code).set('state', state); this.httpClient.get("esia/auth", { @@ -59,7 +58,6 @@ export abstract class AuthGuard implements CanActivate { .toPromise() .then( () => { - this.progressIndicationService.hideProgressBar(); window.open(url.origin + url.pathname, "_self"); }) .catch(reason => { @@ -67,8 +65,7 @@ export abstract class AuthGuard implements CanActivate { json.messages.forEach((errorMessage) => { this.messageService.error(errorMessage, json); }) - }) - .finally(() => this.progressIndicationService.hideProgressBar()); + }); return false; } else { From 8f2b6e54e81d441b974af5687b7116a5143fd75b Mon Sep 17 00:00:00 2001 From: Zaripov Emil Date: Wed, 14 May 2025 14:17:08 +0300 Subject: [PATCH 8/9] update link --- .../main/resources/business-model/LK RP FL/screen-form-fl.page | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/src/main/resources/business-model/LK RP FL/screen-form-fl.page b/resources/src/main/resources/business-model/LK RP FL/screen-form-fl.page index 4c726a2..0109cb6 100644 --- a/resources/src/main/resources/business-model/LK RP FL/screen-form-fl.page +++ b/resources/src/main/resources/business-model/LK RP FL/screen-form-fl.page @@ -4842,7 +4842,7 @@ initialValue - "Если в выписке есть ошибки, подайте \u003ca href\u003d\"https://www.gosuslugi.ru/600595/1/form/\" target\u003d\"_blank\"\u003eзаявление на исправление на Госуслугах\u003c/a\u003e" + "Если в выписке есть ошибки, подайте \u003ca href\u003d\"https://www.gosuslugi.ru/600284/1/form/\" target\u003d\"_blank\"\u003eзаявление на исправление на Госуслугах\u003c/a\u003e" From a8ea851c334c7a12f9d6f54f5b36054e75626f78 Mon Sep 17 00:00:00 2001 From: Zaripov Emil Date: Wed, 14 May 2025 15:23:56 +0300 Subject: [PATCH 9/9] fix --- .../src/main/resources/business-model/LK RP FL/mydata.page | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/src/main/resources/business-model/LK RP FL/mydata.page b/resources/src/main/resources/business-model/LK RP FL/mydata.page index d3f5460..e410a0f 100644 --- a/resources/src/main/resources/business-model/LK RP FL/mydata.page +++ b/resources/src/main/resources/business-model/LK RP FL/mydata.page @@ -1069,7 +1069,7 @@ url - "https://www.gosuslugi.ru/" + "https://www.gosuslugi.ru/600284/1/form/\"