external authentication -> revoke consent

Jochen Barth barth at ub.uni-heidelberg.de
Fri Jun 24 04:38:05 EDT 2016


Dear reader,

we're trying to get our external authentication with option to revoke 
consent running.

Everythings works fine till we check "revoke consent" -- then we're 
getting a blank page. No errors are logged.

Here are the last few lines of our code:
    // without condition, just for testing:
    httpRequest.setAttribute(ExternalAuthentication.REVOKECONSENT_KEY, 
java.lang.Boolean.TRUE);

          // 
AuthenticationEngine.returnToAuthenticationEngine(httpRequest, 
httpResponse);
    ExternalAuthentication.finishExternalAuthentication(EA_sEA, 
httpRequest, httpResponse);

   } catch (final ExternalAuthenticationException e) {
     throw new ServletException("Error processing ShibExtAuth 
authentication request", e);
   }
   catch(Exception e) {
    logger.error("re-throwing exception ", e);
   }
  }
}

Look very similar to the end of 
idp-authn-impl/src/main/java/net/shibboleth/idp/authn/impl/X509AuthServlet.java

svn diff -r 7587:head 
idp-authn-impl/src/main/java/net/shibboleth/idp/authn/impl/ExternalAuthenticationImpl.java
seems to indicate, that before 7587 response.sendRedirect() was done 
always(?)

          attr = request.getAttribute(REVOKECONSENT_KEY);
          if (attr != null && attr instanceof Boolean && ((Boolean) 
attr).booleanValue()) {
-            response.sendRedirect(extContext.getFlowExecutionUrl()
-                    + "&" + 
ProfileInterceptorFlowDescriptor.REVOKE_CONSENT_PARAM + "=1");
+            final ConsentManagementContext consentCtx =
+ 
getProfileRequestContext(request).getSubcontext(ConsentManagementContext.class, 
true);
+            consentCtx.setRevokeConsent(true);
          } else {
              response.sendRedirect(extContext.getFlowExecutionUrl());
          }


Thanks + Kind regards,
Jochen



-- 
J. Barth * IT, Universitaetsbibliothek Heidelberg * 06221 / 54-2580


More information about the users mailing list