micord/ervu-lkrp-fl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

SUPPORT-8593: Fix

Browse source
This commit is contained in:
Eduard Tihomirov 2024-11-27 12:16:40 +03:00
parent 85124d60ff
commit fd6507217b
2 changed files with 15 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

6
backend/src/main/java/ru/micord/ervu/security/esia/controller/EsiaController.java
View file

@ -38,8 +38,10 @@ public class EsiaController {
return esiaAuthService.generateAuthCodeUrl();
}
@GetMapping(value = "/esia/auth", params = "code")
public ResponseEntity<?> esiaAuth(@RequestParam("code") String code, @RequestParam("error") String error, HttpServletRequest request, HttpServletResponse response) {
@GetMapping(value = "/esia/auth")
public ResponseEntity<?> esiaAuth(@RequestParam(value = "code", required = false) String code,
@RequestParam(value = "error", required = false) String error, HttpServletRequest request,
HttpServletResponse response) {
return esiaAuthService.getEsiaTokensByCode(code, error, request, response);
}

21
backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
View file

@ -436,16 +436,17 @@ public ResponseEntity<?> getEsiaTokensByCode(String esiaAuthCode, String error,
if (!esiaAccessToken.getIss().equals(esiaConfig.getEsiaIssuerUrl())) {
return "Token invalid. Token issuer:" + esiaAccessToken.getIss() + " invalid";
}
LocalDateTime iatTime = LocalDateTime.ofInstant(Instant.ofEpochSecond(esiaAccessToken.getIat()),
ZoneId.systemDefault()
);
LocalDateTime expTime = LocalDateTime.ofInstant(Instant.ofEpochSecond(esiaAccessToken.getExp()),
ZoneId.systemDefault()
);
LocalDateTime currentTime = LocalDateTime.now();
if (!currentTime.isAfter(iatTime) || !expTime.isAfter(iatTime)) {
return "Token invalid. Token expired";
}
//TODO SUPPORT-8750
// LocalDateTime iatTime = LocalDateTime.ofInstant(Instant.ofEpochSecond(esiaAccessToken.getIat()),
// ZoneId.systemDefault()
// );
// LocalDateTime expTime = LocalDateTime.ofInstant(Instant.ofEpochSecond(esiaAccessToken.getExp()),
// ZoneId.systemDefault()
// );
// LocalDateTime currentTime = LocalDateTime.now();
// if (!currentTime.isAfter(iatTime) || !expTime.isAfter(iatTime)) {
// return "Token invalid. Token expired";
// }
HttpResponse<String> response = signVerify(accessToken);
if (response.statusCode() != 200) {
if (response.statusCode() == 401) {