From d4bc19e2d8e8a9750c71ad8065fd26a97704da80 Mon Sep 17 00:00:00 2001
From: Dominik Frantisek Bucik
Date: Wed, 26 Jan 2022 13:49:00 +0100
Subject: [PATCH] =?UTF-8?q?fix:=20=F0=9F=90=9B=20Consider=20empty=20refere?= =?UTF-8?q?r=20as=20external?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../muni/ics/oidc/saml/SamlInvalidateSessionFilter.java | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/saml/SamlInvalidateSessionFilter.java b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/saml/SamlInvalidateSessionFilter.java
index ee3651e96..584e67bc4 100644
--- a/perun-oidc-server/src/main/java/cz/muni/ics/oidc/saml/SamlInvalidateSessionFilter.java
+++ b/perun-oidc-server/src/main/java/cz/muni/ics/oidc/saml/SamlInvalidateSessionFilter.java
@@ -68,9 +68,8 @@ public class SamlInvalidateSessionFilter extends GenericFilterBean {
 HttpServletRequest req = (HttpServletRequest) request;
 HttpServletResponse res = (HttpServletResponse) response;
 if (MATCHER.matches(req)) {
- boolean isDeviceCodeFlow = DEVICE_CODE_MATCHER.matches(req) || DEVICE_CODE_ALL_MATCHER.matches(req);
 String referer = req.getHeader(REFERER);
- if (!isInternalReferer(referer, !isDeviceCodeFlow)) {
+ if (!isInternalReferer(referer)) {
 log.debug("Got external referer, clear session to reauthenticate");
 contextLogoutHandler.logout(req, res, null);
 }
@@ -78,9 +77,9 @@ public class SamlInvalidateSessionFilter extends GenericFilterBean {
 chain.doFilter(req, res);
 }
 
- private boolean isInternalReferer(String referer, boolean emptyRefererAsInternal) {
- if (!StringUtils.hasText(referer)) { // no referer, consider as internal
- return emptyRefererAsInternal;
+ private boolean isInternalReferer(String referer) {
+ if (!StringUtils.hasText(referer)) {
+ return false;
 }
 for (String internal : internalReferrers) {
 if (referer.startsWith(internal)) {
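Review bot: The `log.debug("Got external referer, ...")` line in the first hunk now also runs for requests with no Referer header at all, so the message no longer says which case cleared the session. Something like `log.debug("Missing or external referer, clear session to reauthenticate");` keeps the log accurate without echoing the client-supplied header value. With `isDeviceCodeFlow` removed, `DEVICE_CODE_MATCHER` and `DEVICE_CODE_ALL_MATCHER` lose the only use visible here; if nothing else in the class reads them, they can be dropped. The enclosing method starts above this hunk, so other uses cannot be ruled out from here.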
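Review bot: The non-empty path in `isInternalReferer` still decides by `referer.startsWith(internal)`, so the allowlist is only as strict as its entries. A configured prefix without a trailing `/` (constructed example: `https://sso.example.org`) would also accept `https://sso.example.org.other.example/` as internal. How `internalReferrers` is populated is not visible in this hunk, so either enforce the trailing delimiter where the list is built or compare the parsed scheme, host and port instead of a raw string prefix. The removed comment is also not replaced; a line such as `// a missing or blank Referer cannot be shown to be internal, so treat it as external` above `return false;` would record the reasoning. The loop body continues past the end of the hunk.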