SUPPORT-8942: Fix

2025-03-04 11:22:29 +03:00 · 2025-03-04 11:22:29 +03:00 · 838957b750
commit 838957b750
parent 68a8063a3a
3 changed files with 13 additions and 2 deletions
--- a/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java
+++ b/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java
@ -8,6 +8,7 @@ import java.util.concurrent.CopyOnWriteArrayList;

 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import ru.micord.ervu.security.esia.exception.EsiaException;
 import ru.micord.ervu.security.esia.model.ExpiringState;
 import ru.micord.ervu.security.esia.model.ExpiringToken;

@ -81,13 +82,16 @@ public class EsiaAuthInfoStore {
    refreshTokensMap.remove(prnOid);
  }

-  public static void addState(String prnsUUID, String state, long expiresIn) {
+  public static void addState(String prnsUUID, String state, long expiresIn, long attemptsCount) {
    long expiryTime = System.currentTimeMillis() + expiresIn * 1000L;
    ExpiringState newState = new ExpiringState(state, expiryTime);
    prnsUuidStateMap.compute(prnsUUID, (key, states) -> {
      if (states == null) {
        states = new CopyOnWriteArrayList<>();
      }
+      if (states.size() >= attemptsCount) {
+        throw new EsiaException("The number of login attempts has been exceeded.");
+      }
      states.add(newState);
      return states;
    });
--- a/backend/src/main/java/ru/micord/ervu/security/esia/config/EsiaConfig.java
+++ b/backend/src/main/java/ru/micord/ervu/security/esia/config/EsiaConfig.java
@ -68,6 +68,9 @@ public class EsiaConfig {
  @Value("${esia.state.cookie.life.time:300}")
  private long esiaStateCookieLifeTime;

+  @Value("${esia.login.attempts.count:5}")
+  private long esiaLoginAttemptsCount;
+
  public String getEsiaOrgScopes() {
    String[] scopeItems = esiaOrgScopes.split(",");
    return String.join(" ", Arrays.stream(scopeItems).map(item -> orgScopeUrl + item.trim()).toArray(String[]::new));
@ -139,4 +142,8 @@ public class EsiaConfig {
  public long getEsiaStateCookieLifeTime() {
    return esiaStateCookieLifeTime;
  }
+
+  public long getEsiaLoginAttemptsCount() {
+    return esiaLoginAttemptsCount;
+  }
 }
--- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
+++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
@ -122,7 +122,7 @@ public class EsiaAuthService {
      parameters.put("redirect_uri", esiaConfig.getRedirectUrl());

      String clientSecret = signMap(parameters);
-      EsiaAuthInfoStore.addState(prnsUUID, state, esiaConfig.getEsiaStateCookieLifeTime());
+      EsiaAuthInfoStore.addState(prnsUUID, state, esiaConfig.getEsiaStateCookieLifeTime(), esiaConfig.getEsiaLoginAttemptsCount());
      ResponseCookie prnsCookie = securityHelper.createCookie(PRNS_UUID, prnsUUID, "/")
          .maxAge(esiaConfig.getEsiaStateCookieLifeTime())
          .build();