Merge pull request #190 from swedenconnect/1.0-fixbranch

1.0 fixbranch

bankid-api/pom.xml

@@ -9,7 +9,7 @@
   <parent>
     <groupId>se.swedenconnect.bankid</groupId>
     <artifactId>saml-bankid-idp-parent</artifactId>
-    <version>1.0.1</version>
+    <version>1.0.2</version>
   </parent>
 
   <name>Sweden Connect :: BankID :: Relying Party API</name>

bankid-api/src/main/java/se/swedenconnect/bankid/rpapi/LibraryVersion.java

@@ -24,7 +24,7 @@ public final class LibraryVersion {
 
   private static final int MAJOR = 1;
   private static final int MINOR = 0;
-  private static final int PATCH = 1;
+  private static final int PATCH = 2;
 
   /**
    * Global serialization value for classes.

bankid-frontend/pom.xml

@@ -9,7 +9,7 @@
   <parent>
     <groupId>se.swedenconnect.bankid</groupId>
     <artifactId>saml-bankid-idp-parent</artifactId>
-    <version>1.0.1</version>
+    <version>1.0.2</version>
   </parent>
 
   <name>Sweden Connect :: BankID :: SAML Identity Provider :: Frontend Distribution</name>

bankid-frontend/src/Service.ts

@@ -6,7 +6,7 @@ import type {
   ApiResponseStatus,
   CustomerContactInformation,
   RetryResponse,
-  SelectedDeviceInformation,
+  SelectedDeviceInformation, SessionExpiredResponse, UserErrorResponse,
   Status,
   UiInformation,
 } from './types';
@@ -20,15 +20,20 @@ const requestOptions: RequestInit = {
 
 export async function poll(showQr: boolean) {
   const response = await fetch(CONTEXT_PATH + '/api/poll?qr=' + showQr, requestOptions);
-  const data: ApiResponse = await response.json();
+  const data = await response.json();
   if (!response.ok) {
     if (response.status === 429) {
       const retryAfter = response.headers.get('Retry-After');
       return { retry: true, time: retryAfter } as RetryResponse;
     }
-    // TODO handle unexpected error
+    if (response.status === 403) {
+      return {"sessionExpired": true } as SessionExpiredResponse;
+    }
+    if (response.status === 400) {
+      return data as UserErrorResponse;
+    }
   }
-  return data;
+  return data as ApiResponse;
 }
 
 function isApiResponse(obj: any): obj is ApiResponse {
@@ -39,6 +44,14 @@ function isRetryResponse(obj: any): obj is RetryResponse {
   return obj && 'retry' in obj;
 }
 
+function isSessionExpiredResponse(obj: any): obj is SessionExpiredResponse {
+  return obj && 'sessionExpired' in obj;
+}
+
+function isUserErrorResponse(obj: any): obj is UserErrorResponse {
+  return obj && 'errorMessage' in obj;
+}
+
 export const pollingQr = (
   qrImage: Ref<string>,
   messageCode: Ref<string>,
@@ -65,15 +78,27 @@ export const pollingAutoStart = (
 };
 
 const handleResponse = (
-  response: ApiResponse | RetryResponse,
-  pollFunction: () => Promise<ApiResponse | RetryResponse>,
+  response: ApiResponse | RetryResponse | SessionExpiredResponse | UserErrorResponse,
+  pollFunction: () => Promise<ApiResponse | RetryResponse | SessionExpiredResponse | UserErrorResponse>,
   qrImage: Ref<string> | null,
   hideAutoStart: Ref<boolean> | null,
   token: Ref<string> | null,
   messageCode: Ref<string>,
   responseStatus: Ref<ApiResponseStatus | undefined>,
   cancelRetry?: Ref<boolean>,
 ) => {
+  if (isSessionExpiredResponse(response)) {
+      window.location.href = PATHS.ERROR;
+  }
+  if (isUserErrorResponse(response)) {
+    console.log("User error!");
+    let location = import.meta.env.BASE_URL + "/bankid#/error/" + response.errorMessage;
+    if (response.traceId !== "") {
+      location = location + "/" + response.traceId;
+    }
+    window.location.href = location;
+  }
+
   if (isApiResponse(response)) {
     responseStatus.value = response.status;
 

bankid-frontend/src/main.ts

@@ -9,42 +9,20 @@ import router from './router';
 import type { LangObject, MessageOverride, Messages } from './types';
 
 function applyMessageOverrides(originalMessages: Messages, overrides: MessageOverride[]): Messages {
-  const newMessages: Messages = JSON.parse(JSON.stringify(originalMessages)); // Deep copy
-
-  // Create empty object for any new language in the overrides
-  for (const override of overrides) {
-    for (const lang in override.text) {
-      if (!newMessages[lang]) {
-        newMessages[lang] = {};
-      }
-    }
-  }
-
-  for (const override of overrides) {
-    const path = override.code.split('.');
-
-    for (const lang in override.text) {
-      let currentPart = newMessages[lang];
-
-      for (let i = 0; i < path.length; i++) {
-        const part = path[i];
-
-        if (i === path.length - 1) {
-          currentPart[part] = override.text[lang];
-        } else {
-          if (!currentPart[part]) {
-            currentPart[part] = {};
-          }
-
-          if (typeof currentPart[part] === 'object' && currentPart[part] !== null) {
-            currentPart = currentPart[part] as LangObject;
-          }
-        }
-      }
-    }
-  }
-
-  return newMessages;
+  return overrides.reduce(
+    (newMessages: Messages, override) => {
+      const path = override.code.split('.');
+      Object.keys(override.text).forEach((lang) => {
+        let currentPart = newMessages[lang] || (newMessages[lang] = {});
+        path.forEach((part, i) => {
+          if (i === path.length - 1) currentPart[part] = override.text[lang];
+          else currentPart = (currentPart[part] as LangObject) || (currentPart[part] = {});
+        });
+      });
+      return newMessages;
+    },
+    JSON.parse(JSON.stringify(originalMessages)),
+  );
 }
 
 async function initializeApp() {

bankid-frontend/src/types.ts

@@ -31,6 +31,16 @@ export interface RetryResponse {
   time: string;
 }
 
+export interface SessionExpiredResponse {
+  sessionExpired: boolean;
+  redirect: string;
+}
+
+export interface UserErrorResponse {
+  errorMessage: string;
+  traceId: string;
+}
+
 const enum StatusDescriptionEnum {
   OK,
   ISSUES,

bankid-frontend/src/views/AutoStartView.vue

@@ -35,6 +35,9 @@
 
   const retry = () => {
     cancel().then(() => {
+      hideAutoStart.value = false;
+      responseStatus.value = "NOT_STARTED";
+      token.value = "";
       startPolling();
     });
   };

bankid-frontend/src/views/DeviceSelectView.vue

@@ -53,7 +53,7 @@
     <h2>BankID</h2>
     <p v-if="showSpMessage()">{{ getSpName() + ' ' + $t(getSpMessage()) }}</p>
     <p>{{ $t('bankid.msg.rfa20') }}</p>
-    <DeviceSelect :ui-info="props.uiInfo" :deviceData="deviceData" />
+    <DeviceSelect v-if="props.deviceData" :ui-info="props.uiInfo" :deviceData="props.deviceData" />
     <BankIdLogo />
   </div>
 

bankid-idp/env/local/overrides/custom.messages

@@ -7,7 +7,7 @@
     }
   },
   {
-    "code" : "custom.devel-version.text",
+    "code": "custom.devel-version.text",
     "text": {
       "sv": "Detta är en lokal utvecklingsversion av BankID IdP:n och du behöver ett BankID för test för att kunna använda den",
       "en": "This is a local development version of the BankID IdP and you will need a BankID for test in order to use it"

bankid-idp/pom.xml

@@ -9,7 +9,7 @@
   <parent>
     <groupId>se.swedenconnect.bankid</groupId>
     <artifactId>saml-bankid-idp-parent</artifactId>
-    <version>1.0.1</version>
+    <version>1.0.2</version>
   </parent>
 
   <name>Sweden Connect :: BankID :: SAML Identity Provider</name>
@@ -356,7 +356,7 @@
             <executions>
               <execution>
                 <id>copy-resource-templates</id>
-                <phase>package</phase>
+                <phase>prepare-package</phase>
                 <goals>
                   <goal>copy-resources</goal>
                 </goals>
@@ -374,7 +374,7 @@
               </execution>
               <execution>
                 <id>copy-resources-assets</id>
-                <phase>package</phase>
+                <phase>prepare-package</phase>
                 <goals>
                   <goal>copy-resources</goal>
                 </goals>

bankid-idp/src/main/java/se/swedenconnect/bankid/idp/ApplicationVersion.java

@@ -25,7 +25,7 @@ public final class ApplicationVersion {
 
   private static final int MAJOR = 1;
   private static final int MINOR = 0;
-  private static final int PATCH = 1;
+  private static final int PATCH = 2;
 
   /**
    * Global serialization value for classes.

bankid-idp/src/main/java/se/swedenconnect/bankid/idp/authn/BankIdAuthenticationController.java

@@ -24,6 +24,7 @@
 import org.springframework.web.servlet.ModelAndView;
 
 import lombok.AllArgsConstructor;
+import se.swedenconnect.bankid.idp.authn.annotations.ViewController;
 import se.swedenconnect.bankid.idp.authn.error.NoSuchRelyingPartyException;
 import se.swedenconnect.bankid.idp.authn.events.BankIdEventPublisher;
 import se.swedenconnect.bankid.idp.authn.session.BankIdSessionReader;
@@ -43,6 +44,7 @@
  * @author Felix Hellman
  */
 @Controller
+@ViewController
 @AllArgsConstructor
 public class BankIdAuthenticationController extends AbstractAuthenticationController<BankIdAuthenticationProvider> {
 

bankid-idp/src/main/java/se/swedenconnect/bankid/idp/authn/annotations/ApiController.java

@@ -0,0 +1,29 @@
+/*
+ * Copyright 2023 Sweden Connect
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package se.swedenconnect.bankid.idp.authn.annotations;
+
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+
+/**
+ * Annotation to allow selection of ControllerAdvice
+ *
+ * @author Martin Lindström
+ * @author Felix Hellman
+ */
+@Retention(RetentionPolicy.RUNTIME)
+public @interface ApiController {
+}

bankid-idp/src/main/java/se/swedenconnect/bankid/idp/authn/annotations/ViewController.java

@@ -0,0 +1,29 @@
+/*
+ * Copyright 2023 Sweden Connect
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package se.swedenconnect.bankid.idp.authn.annotations;
+
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+
+/**
+ * Annotation to allow selection of ControllerAdvice
+ *
+ * @author Martin Lindström
+ * @author Felix Hellman
+ */
+@Retention(RetentionPolicy.RUNTIME)
+public @interface ViewController {
+}

bankid-idp/src/main/java/se/swedenconnect/bankid/idp/authn/annotations/package-info.java

@@ -0,0 +1,4 @@
+/**
+ * Annotations for BankID components
+ */
+package se.swedenconnect.bankid.idp.authn.annotations;

bankid-idp/src/main/java/se/swedenconnect/bankid/idp/authn/api/BankIdApiController.java

@@ -34,6 +34,7 @@
 import reactor.core.publisher.Mono;
 import se.swedenconnect.bankid.idp.authn.BankIdAuthenticationProvider;
 import se.swedenconnect.bankid.idp.authn.UserVisibleDataFactory;
+import se.swedenconnect.bankid.idp.authn.annotations.ApiController;
 import se.swedenconnect.bankid.idp.authn.api.overrides.FrontendOverrideResponse;
 import se.swedenconnect.bankid.idp.authn.api.overrides.OverrideService;
 import se.swedenconnect.bankid.idp.authn.context.BankIdContext;
@@ -66,6 +67,7 @@
  * @author Felix Hellman
  */
 @RestController
+@ApiController
 @AllArgsConstructor
 @Slf4j
 public class BankIdApiController {