Hotfix: autologin from the directory (#170)

* added attempt to "login" without prompt if fails redirect to login page * bugfix only overwrite redirect is no error is in QueryString Co-authored-by: Emilian Jungwirth <emilian.jung+github@gmail.com>
BBMRI-ERIC · Jan 3, 2023 · a3c4436 · a3c4436
1 parent 24aba54
commit a3c4436
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/src/main/java/de/samply/bbmri/negotiator/filter/AuthorizationFilter.java b/src/main/java/de/samply/bbmri/negotiator/filter/AuthorizationFilter.java
@@ -160,8 +160,6 @@ public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
             // if a user came from the directory before being logged in, we need to save the query ID into the
             // usersession
             if (request.getQueryString() != null) {
-                logger.debug("Setting userbean redirect url");
-                userBean.setNewQueryRedirectURL(request.getServletPath() + "?" + request.getQueryString());
 
                 //Check if param error login_required then directly redirect
 
@@ -170,6 +168,10 @@ public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
                     logger.debug("Redirecting invalid user to login.xhtml");
                     response.sendRedirect(request.getContextPath() + "/login.xhtml");
                     return;
+                }else{
+                    logger.debug("Setting userbean redirect url");
+                    userBean.setNewQueryRedirectURL(request.getServletPath() + "?" + request.getQueryString());
+
                 }
                 // TODO might only work for perun and 1not work for different AAIs
                 URI noprompt_auth_uri = UriBuilder.fromUri(userBean.getAuthenticationUrl(request)).queryParam("prompt", "none").build();