micord/ervu-lkrp-ul
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge remote-tracking branch 'origin/feature/SUPPORT-8822' into develop

Browse source
This commit is contained in:
Eduard Tihomirov 2025-05-13 13:52:24 +03:00
commit 2bf9407b32
1 changed files with 14 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

25
backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
View file

@ -103,7 +103,6 @@ public class EsiaAuthService {
DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx");
ZonedDateTime dt = ZonedDateTime.now();
String timestamp = dt.format(formatter);
String state = UUID.randomUUID().toString();
String prnsUUID = UUID.randomUUID().toString();
Cookie oldPrnsCookie = WebUtils.getCookie(request, PRNS_UUID);
if (oldPrnsCookie != null) {
@ -120,10 +119,12 @@ public class EsiaAuthService {
parameters.put("scope", scope);
parameters.put("scope_org", scopeOrg);
parameters.put("timestamp", timestamp);
parameters.put("state", state);
parameters.put("state", "%s");
parameters.put("redirect_uri", esiaConfig.getRedirectUrl());
String clientSecret = signMap(parameters);
SignResponse signResponse = signMap(parameters);
String state = signResponse.getState();
String clientSecret = signResponse.getSignature();
EsiaAuthInfoStore.addState(prnsUUID, state, esiaConfig.getEsiaStateCookieLifeTime(), esiaConfig.getEsiaLoginAttemptsCount());
ResponseCookie prnsCookie = securityHelper.createAccessCookie(PRNS_UUID, prnsUUID)
.maxAge(esiaConfig.getEsiaStateCookieLifeTime())
@ -191,7 +192,6 @@ public class EsiaAuthService {
DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx");
ZonedDateTime dt = ZonedDateTime.now();
String timestamp = dt.format(formatter);
String newState = UUID.randomUUID().toString();
String redirectUrl = esiaConfig.getRedirectUrl();
String scope = esiaConfig.getEsiaScopes();
String scopeOrg = esiaConfig.getEsiaOrgScopes();
@ -201,13 +201,15 @@ public class EsiaAuthService {
parameters.put("scope", scope);
parameters.put("scope_org", scopeOrg);
parameters.put("timestamp", timestamp);
parameters.put("state", newState);
parameters.put("state", "%s");
parameters.put("redirect_uri", redirectUrl);
parameters.put("code", esiaAuthCode);
long startTime = System.currentTimeMillis();
String clientSecret = signMap(parameters);
SignResponse signResponse = signMap(parameters);
timeSignSecret = System.currentTimeMillis() - startTime;
String newState = signResponse.getState();
String clientSecret = signResponse.getSignature();
String authUrl = esiaConfig.getEsiaBaseUri() + esiaConfig.getEsiaTokenUrl();
String postBody = new FormUrlencoded()
.setParameter("client_id", clientId)
@ -301,7 +303,6 @@ public class EsiaAuthService {
DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx");
ZonedDateTime dt = ZonedDateTime.now();
String timestamp = dt.format(formatter);
String state = UUID.randomUUID().toString();
String redirectUrl = esiaConfig.getRedirectUrl();
String scope = esiaConfig.getEsiaScopes();
String scopeOrg = esiaConfig.getEsiaOrgScopes();
@ -311,11 +312,13 @@ public class EsiaAuthService {
parameters.put("scope", scope);
parameters.put("scope_org", scopeOrg);
parameters.put("timestamp", timestamp);
parameters.put("state", state);
parameters.put("state", "%s");
parameters.put("redirect_uri", esiaConfig.getRedirectUrl());
parameters.put("refresh_token", refreshToken);
String clientSecret = signMap(parameters);
SignResponse signResponse = signMap(parameters);
String state = signResponse.getState();
String clientSecret = signResponse.getSignature();
String authUrl = esiaConfig.getEsiaBaseUri() + esiaConfig.getEsiaTokenUrl();
String postBody = new FormUrlencoded()
.setParameter("client_id", clientId)
@ -370,7 +373,7 @@ public class EsiaAuthService {
}
}
private String signMap(Map<String, String> paramsToSign) {
private SignResponse signMap(Map<String, String> paramsToSign) {
try {
StringBuilder toSign = new StringBuilder();
for (String s : paramsToSign.values()) {
@ -389,7 +392,7 @@ public class EsiaAuthService {
.build()
.send(request, HttpResponse.BodyHandlers.ofString());
errorHandler(response);
return response.body();
return objectMapper.readValue(response.body(), SignResponse.class);
}
catch (Exception e) {