From 7ee9eaf713c1ecda7b7c9c8368a8d2695953fc0d Mon Sep 17 00:00:00 2001 From: Eduard Tihomirov Date: Thu, 27 Feb 2025 11:22:12 +0300 Subject: [PATCH 1/6] Revert "remove SUPPORT-8822" This reverts commit 7c9e8497 --- .../esia/service/EsiaAuthService.java | 25 +++++++++++-------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java index 9bd82dcb..162d41d4 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java @@ -101,7 +101,6 @@ public class EsiaAuthService { DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx"); ZonedDateTime dt = ZonedDateTime.now(); String timestamp = dt.format(formatter); - String state = UUID.randomUUID().toString(); String prnsUUID = UUID.randomUUID().toString(); String redirectUrl = esiaConfig.getRedirectUrl(); String redirectUrlEncoded = redirectUrl.replaceAll(":", "%3A") @@ -114,10 +113,12 @@ public class EsiaAuthService { parameters.put("scope", scope); parameters.put("scope_org", scopeOrg); parameters.put("timestamp", timestamp); - parameters.put("state", state); + parameters.put("state", "%s"); parameters.put("redirect_uri", esiaConfig.getRedirectUrl()); - String clientSecret = signMap(parameters); + SignResponse signResponse = signMap(parameters); + String state = signResponse.getState(); + String clientSecret = signResponse.getSignature(); EsiaAuthInfoStore.addState(prnsUUID, state, esiaConfig.getEsiaStateCookieLifeTime()); ResponseCookie prnsCookie = securityHelper.createCookie(PRNS_UUID, prnsUUID, "/") .maxAge(esiaConfig.getEsiaStateCookieLifeTime()) @@ -188,7 +189,6 @@ public class EsiaAuthService { DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx"); ZonedDateTime dt = ZonedDateTime.now(); String timestamp = dt.format(formatter); - String newState = UUID.randomUUID().toString(); String redirectUrl = esiaConfig.getRedirectUrl(); String scope = esiaConfig.getEsiaScopes(); String scopeOrg = esiaConfig.getEsiaOrgScopes(); @@ -198,13 +198,15 @@ public class EsiaAuthService { parameters.put("scope", scope); parameters.put("scope_org", scopeOrg); parameters.put("timestamp", timestamp); - parameters.put("state", newState); + parameters.put("state", "%s"); parameters.put("redirect_uri", redirectUrl); parameters.put("code", esiaAuthCode); long startTime = System.currentTimeMillis(); - String clientSecret = signMap(parameters); + SignResponse signResponse = signMap(parameters); timeSignSecret = System.currentTimeMillis() - startTime; + String newState = signResponse.getState(); + String clientSecret = signResponse.getSignature(); String authUrl = esiaConfig.getEsiaBaseUri() + esiaConfig.getEsiaTokenUrl(); String postBody = new FormUrlencoded() .setParameter("client_id", clientId) @@ -298,7 +300,6 @@ public class EsiaAuthService { DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx"); ZonedDateTime dt = ZonedDateTime.now(); String timestamp = dt.format(formatter); - String state = UUID.randomUUID().toString(); String redirectUrl = esiaConfig.getRedirectUrl(); String scope = esiaConfig.getEsiaScopes(); String scopeOrg = esiaConfig.getEsiaOrgScopes(); @@ -308,11 +309,13 @@ public class EsiaAuthService { parameters.put("scope", scope); parameters.put("scope_org", scopeOrg); parameters.put("timestamp", timestamp); - parameters.put("state", state); + parameters.put("state", "%s"); parameters.put("redirect_uri", esiaConfig.getRedirectUrl()); parameters.put("refresh_token", refreshToken); - String clientSecret = signMap(parameters); + SignResponse signResponse = signMap(parameters); + String state = signResponse.getState(); + String clientSecret = signResponse.getSignature(); String authUrl = esiaConfig.getEsiaBaseUri() + esiaConfig.getEsiaTokenUrl(); String postBody = new FormUrlencoded() .setParameter("client_id", clientId) @@ -364,7 +367,7 @@ public class EsiaAuthService { } } - private String signMap(Map paramsToSign) { + private SignResponse signMap(Map paramsToSign) { try { StringBuilder toSign = new StringBuilder(); for (String s : paramsToSign.values()) { @@ -383,7 +386,7 @@ public class EsiaAuthService { .build() .send(request, HttpResponse.BodyHandlers.ofString()); errorHandler(response); - return response.body(); + return objectMapper.readValue(response.body(), SignResponse.class); } catch (Exception e) { From 4b67bd8fdc29c149e0410deb0daa9eb5bd25d2e4 Mon Sep 17 00:00:00 2001 From: Zaripov Emil Date: Thu, 6 Mar 2025 17:04:00 +0300 Subject: [PATCH 2/6] set version 1.9.10-SNAPSHOT --- backend/pom.xml | 2 +- distribution/pom.xml | 2 +- frontend/pom.xml | 2 +- pom.xml | 2 +- resources/pom.xml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/backend/pom.xml b/backend/pom.xml index 0edb0b5d..79b83887 100644 --- a/backend/pom.xml +++ b/backend/pom.xml @@ -5,7 +5,7 @@ ru.micord.ervu.lkrp ul - 1.9.9-SNAPSHOT + 1.9.10-SNAPSHOT ru.micord.ervu.lkrp.ul backend diff --git a/distribution/pom.xml b/distribution/pom.xml index 90bf2a8a..29a52350 100644 --- a/distribution/pom.xml +++ b/distribution/pom.xml @@ -4,7 +4,7 @@ ru.micord.ervu.lkrp ul - 1.9.9-SNAPSHOT + 1.9.10-SNAPSHOT ru.micord.ervu.lkrp.ul diff --git a/frontend/pom.xml b/frontend/pom.xml index 6aef1f20..de968a85 100644 --- a/frontend/pom.xml +++ b/frontend/pom.xml @@ -4,7 +4,7 @@ ru.micord.ervu.lkrp ul - 1.9.9-SNAPSHOT + 1.9.10-SNAPSHOT ru.micord.ervu.lkrp.ul diff --git a/pom.xml b/pom.xml index 0226c4a1..003d54ef 100644 --- a/pom.xml +++ b/pom.xml @@ -4,7 +4,7 @@ 4.0.0 ru.micord.ervu.lkrp ul - 1.9.9-SNAPSHOT + 1.9.10-SNAPSHOT pom backend diff --git a/resources/pom.xml b/resources/pom.xml index ba8ac5b8..8b33873c 100644 --- a/resources/pom.xml +++ b/resources/pom.xml @@ -4,7 +4,7 @@ ru.micord.ervu.lkrp ul - 1.9.9-SNAPSHOT + 1.9.10-SNAPSHOT ru.micord.ervu.lkrp.ul From 0004f4540380a46e86b58ac02092ddcc93f6923c Mon Sep 17 00:00:00 2001 From: Eduard Tihomirov Date: Tue, 13 May 2025 10:18:37 +0300 Subject: [PATCH 3/6] SUPPORT-9164: Patch from fl --- .../ervu/security/esia/EsiaAuthInfoStore.java | 15 ++++++++++----- .../security/esia/service/EsiaAuthService.java | 10 ++++------ .../webbpm/jwt/helper/SecurityHelper.java | 14 +++++++++++--- .../src/ts/modules/security/guard/auth.guard.ts | 12 +++++++----- 4 files changed, 32 insertions(+), 19 deletions(-) diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java b/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java index 0b2ddf56..3e8b8966 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java @@ -105,19 +105,24 @@ public class EsiaAuthInfoStore { }); } - public static boolean containsState(String prnsUUID, String state) { + public static String getNotContainsStateErrorMessage(String prnsUUID, String state) { List states = PRNS_UUID_STATE_MAP.get(prnsUUID); if (states == null) { - return false; + return "State invalid. No state found for prnsUUID: " + prnsUUID; } long currentTime = System.currentTimeMillis(); - states.removeIf(expiringState -> expiringState.getExpiryTime() < currentTime); + + StringBuilder statesStringBuilder = new StringBuilder(); for (ExpiringState expiringState : states) { if (expiringState.getState().equals(state)) { - return true; + if (expiringState.getExpiryTime() < currentTime) { + return "State invalid. State : " + state + " expired at : " + expiringState.getExpiryTime(); + } + return null; } + statesStringBuilder.append(expiringState.getState(), 0, 8).append(", "); } - return false; + return "State invalid. Backend states :" + statesStringBuilder + " cookie state :" + state; } public static void removeState(String prnsUUID) { diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java index 96809532..0ed1986e 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java @@ -124,7 +124,7 @@ public class EsiaAuthService { String clientSecret = signMap(parameters); EsiaAuthInfoStore.addState(prnsUUID, state, esiaConfig.getEsiaStateCookieLifeTime(), esiaConfig.getEsiaLoginAttemptsCount()); - ResponseCookie prnsCookie = securityHelper.createCookie(PRNS_UUID, prnsUUID, "/") + ResponseCookie prnsCookie = securityHelper.createAccessCookie(PRNS_UUID, prnsUUID) .maxAge(esiaConfig.getEsiaStateCookieLifeTime()) .build(); securityHelper.addResponseCookie(response, prnsCookie); @@ -607,11 +607,9 @@ public class EsiaAuthService { return "State invalid. Cookie not found"; } String prnsUUID = cookie.getValue(); - if (!EsiaAuthInfoStore.containsState(prnsUUID, state)) { - return "State invalid. State from ESIA not equals with state before"; - } + String errorMessage = EsiaAuthInfoStore.getNotContainsStateErrorMessage(prnsUUID, state); EsiaAuthInfoStore.removeState(prnsUUID); - securityHelper.clearCookie(response, PRNS_UUID, "/"); - return null; + securityHelper.clearAccessCookie(response, PRNS_UUID); + return errorMessage; } } diff --git a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java index 6ce0411e..e06ddae3 100644 --- a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java +++ b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java @@ -26,6 +26,7 @@ public final class SecurityHelper { private boolean accessCookieSecure; @Value("${cookie.same.site:Lax}") private String accessCookieSameSite; + private static final String PRNS_UUID = "prns_uuid"; @PostConstruct private void init() { @@ -36,9 +37,7 @@ public final class SecurityHelper { } public void clearAccessCookies(HttpServletResponse response) { - ResponseCookie emptyAuthToken = createCookie(AUTH_TOKEN, null, accessCookiePath) - .maxAge(0).build(); - addResponseCookie(response, emptyAuthToken); + clearCookie(response, AUTH_TOKEN, accessCookiePath); ResponseCookie emptyAuthMarker = createCookie(AUTH_MARKER, null, "/") .maxAge(0) @@ -46,6 +45,7 @@ public final class SecurityHelper { .httpOnly(false) .build(); addResponseCookie(response, emptyAuthMarker); + clearCookie(response, PRNS_UUID, accessCookiePath); } public void addResponseCookie(HttpServletResponse response, ResponseCookie cookie) { @@ -92,4 +92,12 @@ public final class SecurityHelper { .maxAge(0).build(); addResponseCookie(response, emptyCookie); } + + public ResponseCookie.ResponseCookieBuilder createAccessCookie(String name, String value) { + return createCookie(name, value, accessCookiePath); + } + + public void clearAccessCookie(HttpServletResponse response, String name) { + clearCookie(response, name, accessCookiePath); + } } diff --git a/frontend/src/ts/modules/security/guard/auth.guard.ts b/frontend/src/ts/modules/security/guard/auth.guard.ts index dc5fa3e7..7beccddb 100644 --- a/frontend/src/ts/modules/security/guard/auth.guard.ts +++ b/frontend/src/ts/modules/security/guard/auth.guard.ts @@ -7,7 +7,7 @@ import {AuthenticationService} from "../authentication.service"; import {EsiaErrorDetail} from "../EsiaErrorDetail"; import {AccessChecker} from "../AccessChecker"; -@Injectable({providedIn:'root'}) +@Injectable({providedIn: 'root'}) export abstract class AuthGuard implements CanActivate { private cspTimeout: number; @@ -61,6 +61,7 @@ export abstract class AuthGuard implements CanActivate { return false; } if (code && state) { + this.progressIndicationService.showProgressBar(); const params = new HttpParams().set('code', code).set('state', state); this.httpClient.get("esia/auth", { @@ -68,12 +69,13 @@ export abstract class AuthGuard implements CanActivate { responseType: 'text', observe: 'response', headers: { - "Error-intercept-skip":"true" + "Error-intercept-skip": "true" } }) .toPromise() .then( () => { + this.progressIndicationService.hideProgressBar(); window.open(url.origin + url.pathname, "_self"); }) .catch(reason => { @@ -81,7 +83,8 @@ export abstract class AuthGuard implements CanActivate { json.messages.forEach((errorMessage) => { this.messageService.error(errorMessage, json); }) - }); + }) + .finally(() => this.progressIndicationService.hideProgressBar()); return false; } else { @@ -95,8 +98,7 @@ export abstract class AuthGuard implements CanActivate { console.error(reason); } return false - }) - .finally(() => this.progressIndicationService.hideProgressBar()); + }); } private checkAccess(): boolean { From c3752803dfb23ef99e2239e0217e44ee0315d52f Mon Sep 17 00:00:00 2001 From: Eduard Tihomirov Date: Tue, 13 May 2025 12:37:09 +0300 Subject: [PATCH 4/6] SUPPORT-9164: Fix --- .../ervu/security/SecurityConstants.java | 3 +++ .../ervu/security/esia/EsiaAuthInfoStore.java | 11 +++++---- .../esia/service/EsiaAuthService.java | 23 ++++++++++--------- .../webbpm/jwt/helper/SecurityHelper.java | 6 ++--- .../webbpm/jwt/util/SecurityUtil.java | 4 +--- 5 files changed, 25 insertions(+), 22 deletions(-) diff --git a/backend/src/main/java/ru/micord/ervu/security/SecurityConstants.java b/backend/src/main/java/ru/micord/ervu/security/SecurityConstants.java index 1853716d..12cba8cf 100644 --- a/backend/src/main/java/ru/micord/ervu/security/SecurityConstants.java +++ b/backend/src/main/java/ru/micord/ervu/security/SecurityConstants.java @@ -2,4 +2,7 @@ package ru.micord.ervu.security; public class SecurityConstants { public static final String ESIA_LOGOUT = "/esia/logout"; + public static final String AUTH_TOKEN = "auth_token"; + public static final String AUTH_MARKER = "webbpm.ervu-lkrp-ul"; + public static final String PRNS_UUID = "prns_uuid_ul"; } diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java b/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java index 3e8b8966..f84963e0 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/EsiaAuthInfoStore.java @@ -9,6 +9,7 @@ import java.util.concurrent.CopyOnWriteArrayList; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.context.support.MessageSourceAccessor; +import ru.micord.ervu.security.esia.exception.EsiaException; import ru.micord.ervu.security.esia.model.ExpiringState; import ru.micord.ervu.security.esia.model.ExpiringToken; @@ -105,10 +106,10 @@ public class EsiaAuthInfoStore { }); } - public static String getNotContainsStateErrorMessage(String prnsUUID, String state) { + public static void validateState(String prnsUUID, String state) { List states = PRNS_UUID_STATE_MAP.get(prnsUUID); if (states == null) { - return "State invalid. No state found for prnsUUID: " + prnsUUID; + throw new EsiaException("State invalid. No state found"); } long currentTime = System.currentTimeMillis(); @@ -116,13 +117,13 @@ public class EsiaAuthInfoStore { for (ExpiringState expiringState : states) { if (expiringState.getState().equals(state)) { if (expiringState.getExpiryTime() < currentTime) { - return "State invalid. State : " + state + " expired at : " + expiringState.getExpiryTime(); + throw new EsiaException("State invalid. State : " + state + " expired at : " + expiringState.getExpiryTime()); } - return null; + return; } statesStringBuilder.append(expiringState.getState(), 0, 8).append(", "); } - return "State invalid. Backend states :" + statesStringBuilder + " cookie state :" + state; + throw new EsiaException("State invalid. Backend states :" + statesStringBuilder + " cookie state :" + state); } public static void removeState(String prnsUUID) { diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java index 0ed1986e..79844dfb 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java @@ -65,6 +65,8 @@ import ru.micord.ervu.security.webbpm.jwt.model.Token; import ru.cg.webbpm.modules.core.runtime.api.LocalizedException; import ru.cg.webbpm.modules.core.runtime.api.MessageBundleUtils; +import static ru.micord.ervu.security.SecurityConstants.PRNS_UUID; + /** * @author Eduard Tihomirov */ @@ -73,7 +75,6 @@ public class EsiaAuthService { private static final Logger LOGGER = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass()); private static final MessageSourceAccessor MESSAGE_SOURCE = MessageBundleUtils.createAccessor( "messages/common_errors_messages"); - private static final String PRNS_UUID = "prns_uuid"; @Autowired private ObjectMapper objectMapper; @Autowired @@ -184,10 +185,7 @@ public class EsiaAuthService { Long expiresIn = null; boolean hasRole = false; long timeSignSecret = 0, timeRequestAccessToken = 0, timeVerifySecret = 0; - String verifyStateResult = verifyStateFromCookie(request, state, response); - if (verifyStateResult != null) { - throw new EsiaException(verifyStateResult); - } + verifyStateFromCookie(request, state, response); try { String clientId = esiaConfig.getClientId(); DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy.MM.dd HH:mm:ss xx"); @@ -601,15 +599,18 @@ public class EsiaAuthService { } } - private String verifyStateFromCookie(HttpServletRequest request, String state, HttpServletResponse response) { + private void verifyStateFromCookie(HttpServletRequest request, String state, HttpServletResponse response) { Cookie cookie = WebUtils.getCookie(request, PRNS_UUID); if (cookie == null) { - return "State invalid. Cookie not found"; + throw new RuntimeException("State invalid. Cookie not found"); } String prnsUUID = cookie.getValue(); - String errorMessage = EsiaAuthInfoStore.getNotContainsStateErrorMessage(prnsUUID, state); - EsiaAuthInfoStore.removeState(prnsUUID); - securityHelper.clearAccessCookie(response, PRNS_UUID); - return errorMessage; + try { + EsiaAuthInfoStore.validateState(prnsUUID, state); + } + finally { + EsiaAuthInfoStore.removeState(prnsUUID); + securityHelper.clearAccessCookie(response, PRNS_UUID); + } } } diff --git a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java index e06ddae3..bc697581 100644 --- a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java +++ b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java @@ -14,8 +14,9 @@ import org.springframework.web.context.request.RequestAttributes; import org.springframework.web.context.request.RequestContextHolder; import static org.springframework.web.context.request.RequestAttributes.REFERENCE_REQUEST; -import static ru.micord.ervu.security.webbpm.jwt.util.SecurityUtil.AUTH_MARKER; -import static ru.micord.ervu.security.webbpm.jwt.util.SecurityUtil.AUTH_TOKEN; +import static ru.micord.ervu.security.SecurityConstants.AUTH_MARKER; +import static ru.micord.ervu.security.SecurityConstants.AUTH_TOKEN; +import static ru.micord.ervu.security.SecurityConstants.PRNS_UUID; public final class SecurityHelper { @Value("${cookie.path:#{null}}") @@ -26,7 +27,6 @@ public final class SecurityHelper { private boolean accessCookieSecure; @Value("${cookie.same.site:Lax}") private String accessCookieSameSite; - private static final String PRNS_UUID = "prns_uuid"; @PostConstruct private void init() { diff --git a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/util/SecurityUtil.java b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/util/SecurityUtil.java index c5b5222e..65b7e19b 100644 --- a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/util/SecurityUtil.java +++ b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/util/SecurityUtil.java @@ -11,10 +11,8 @@ import ru.micord.ervu.security.webbpm.jwt.JwtAuthentication; import ru.micord.ervu.security.webbpm.jwt.UserIdsPair; +import static ru.micord.ervu.security.SecurityConstants.AUTH_TOKEN; public final class SecurityUtil { - public static final String AUTH_TOKEN = "auth_token"; - - public static final String AUTH_MARKER = "webbpm.ervu-lkrp-ul"; private SecurityUtil() { //empty From 75893a43f4a2d61b07b7cb2c8d7edc4ab2b9fd0f Mon Sep 17 00:00:00 2001 From: Eduard Tihomirov Date: Tue, 13 May 2025 12:40:00 +0300 Subject: [PATCH 5/6] SUPPORT-9164: Fix --- .../ru/micord/ervu/security/esia/service/EsiaAuthService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java index 79844dfb..9c8ac74b 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java @@ -602,7 +602,7 @@ public class EsiaAuthService { private void verifyStateFromCookie(HttpServletRequest request, String state, HttpServletResponse response) { Cookie cookie = WebUtils.getCookie(request, PRNS_UUID); if (cookie == null) { - throw new RuntimeException("State invalid. Cookie not found"); + throw new EsiaException("State invalid. Cookie not found"); } String prnsUUID = cookie.getValue(); try { From fefb2344cfad116c9ba2ce057e05a6ce76e45c78 Mon Sep 17 00:00:00 2001 From: Eduard Tihomirov Date: Tue, 13 May 2025 16:57:32 +0300 Subject: [PATCH 6/6] fix --- frontend/src/ts/modules/security/guard/auth.guard.ts | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/frontend/src/ts/modules/security/guard/auth.guard.ts b/frontend/src/ts/modules/security/guard/auth.guard.ts index 7beccddb..be72a006 100644 --- a/frontend/src/ts/modules/security/guard/auth.guard.ts +++ b/frontend/src/ts/modules/security/guard/auth.guard.ts @@ -61,7 +61,6 @@ export abstract class AuthGuard implements CanActivate { return false; } if (code && state) { - this.progressIndicationService.showProgressBar(); const params = new HttpParams().set('code', code).set('state', state); this.httpClient.get("esia/auth", { @@ -75,7 +74,6 @@ export abstract class AuthGuard implements CanActivate { .toPromise() .then( () => { - this.progressIndicationService.hideProgressBar(); window.open(url.origin + url.pathname, "_self"); }) .catch(reason => { @@ -83,8 +81,7 @@ export abstract class AuthGuard implements CanActivate { json.messages.forEach((errorMessage) => { this.messageService.error(errorMessage, json); }) - }) - .finally(() => this.progressIndicationService.hideProgressBar()); + }); return false; } else {