diff --git a/app/src/main/java/de/sebse/fuplanner2/auth/FUAuthModule.kt b/app/src/main/java/de/sebse/fuplanner2/auth/FUAuthModule.kt
index 5a133e9..c45fa51 100644
--- a/app/src/main/java/de/sebse/fuplanner2/auth/FUAuthModule.kt
+++ b/app/src/main/java/de/sebse/fuplanner2/auth/FUAuthModule.kt
@@ -32,11 +32,18 @@ abstract class FUAuthModule {
 val relLocation = response.headers?.get("Location") ?: throw invalidResponse(100110, "No IDP form location!")
 val formUri = URI(samlUrl).resolve(relLocation).toString()
- requester.head(formUri, getCookies(user))
+ val csrfToken = requester.get(formUri, getCookies(user)).body.let {
+ getRegexGroup("name=\"csrf_token\" value=\"(.*?)\"", 1, it)
+ } ?: throw invalidPassword(100112, "No CSRF token found!")
 response = requester.post(
 formUri,
 cookies = getCookies(user),
- data = hashMapOf("j_username" to name, "j_password" to password, "_eventId_proceed" to "")
+ data = hashMapOf(
+ "j_username" to name,
+ "j_password" to password,
+ "_eventId_proceed" to "",
+ "csrf_token" to csrfToken
+ )
 )
 if (response.networkResponse.statusCode != 200) {
 throw invalidPassword(100111, "Password or username invalid!")
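Review bot: The new CSRF-token lookup throws `invalidPassword(100112, ...)` when the token is missing, but that condition means the IdP form could not be parsed, not that the credentials were rejected; the other scrape failures in this file use `invalidResponse`, so the line should read `} ?: throw invalidResponse(100112, "No CSRF token found!")`. Reporting it as a bad password would presumably ask the user to retype credentials when the real cause is a changed or unexpected login page. The token is posted exactly as scraped from the HTML attribute, while `parseResponse` passes its scraped values through `xml.decode`; if the token can contain entities it needs the same decoding. The status of the `requester.get` response is not checked before its body is scraped, and the enclosing function begins and ends outside the hunk, so any earlier validation of `formUri` (derived from the `Location` header) is not visible here.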
@@ -56,21 +63,25 @@ abstract class FUAuthModule {
 }
 private fun parseResponse(body: String): SamlReponse {
- var matcher = "name=\"SAMLResponse\" value=\"(.*?)\"".toRegex().find(body)
- val samlResponse = matcher?.groupValues?.let {
- if (it.size >= 2) it[1] else null
- } ?: throw invalidResponse(100100, "No SAML response found!")
- matcher = "name=\"RelayState\" value=\"(.*?)\"".toRegex().find(body)
- val relayState = matcher?.groupValues?.let {
- if (it.size >= 2) it[1] else null
- } ?: throw invalidResponse(100100, "No Relay State found!")
- matcher = "form action=\"(.*?)\"".toRegex().find(body)
- val url = matcher?.groupValues?.let {
- if (it.size >= 2) it[1] else null
- } ?: throw invalidResponse(100100, "No SAML Url found!")
+ val samlResponse = getRegexGroup(
+ "name=\"SAMLResponse\" value=\"(.*?)\"", 1, body
+ ) ?: throw invalidResponse(100100, "No SAML response found!")
+ val relayState = getRegexGroup(
+ "name=\"RelayState\" value=\"(.*?)\"", 1, body
+ ) ?: throw invalidResponse(100101, "No Relay State found!")
+ val url = getRegexGroup(
+ "form action=\"(.*?)\"", 1, body
+ ) ?: throw invalidResponse(100102, "No SAML Url found!")
 return SamlReponse(xml.decode(url), xml.decode(relayState), xml.decode(samlResponse))
 }
+ private fun getRegexGroup(regex: String, group: Int, text: String): String? {
+ val matcher = Regex(regex).find(text)
+ return matcher?.groupValues?.let {
+ if (it.size >= group+1) it[group] else null
+ }
+ }
+
 private fun updateCookies(user: User, response: NetData) {
 val setCookies = response.networkResponse.allHeaders?.let { parseCookies(it) }
 setCookies?.get("JSESSIONID")?.let {
diff --git a/app/src/main/java/de/sebse/fuplanner2/whiteboard/Whiteboard.kt b/app/src/main/java/de/sebse/fuplanner2/whiteboard/Whiteboard.kt
index b209ad0..5673c5c 100644
--- a/app/src/main/java/de/sebse/fuplanner2/whiteboard/Whiteboard.kt
+++ b/app/src/main/java/de/sebse/fuplanner2/whiteboard/Whiteboard.kt
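Review bot: The new `getRegexGroup` helper in FUAuthModule.kt has no KDoc and hand-rolls a bounds check that still throws for a negative `group`; its body can be `return Regex(regex).find(text)?.groupValues?.getOrNull(group)`, which returns null for any out-of-range index. A short KDoc should say that group 0 is the whole match and that null means either no match or no such group. The three patterns in `parseResponse` take the first occurrence anywhere in the page and rely on `name` preceding `value`, so a markup change at the IdP surfaces as codes 100100 to 100102; a one-line comment stating that assumption would help whoever has to debug those codes.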
@@ -78,7 +78,7 @@ object Whiteboard: FUAuthModule() {
 private fun updateCookies(user: User, response: NetData) {
 val setCookies = response.networkResponse.allHeaders?.let { parseCookies(it) }
- setCookies?.get("JSESSIONID")?.let {
+ setCookies?.get("SAKAI2SESSIONID")?.let {
 user.cookies.wbJsessionId = it
 }
 setCookies
@@ -91,7 +91,7 @@ object Whiteboard: FUAuthModule() {
 }
 internal fun getCookies(user: User, shib: Boolean = false): HashMap? {
- val cookies = user.cookies.wbJsessionId?.let { key -> hashMapOf("JSESSIONID" to key) } ?: hashMapOf()
+ val cookies = user.cookies.wbJsessionId?.let { key -> hashMapOf("SAKAI2SESSIONID" to key) } ?: hashMapOf()
 if (shib && user.cookies.wbShibValue != null) {
 user.cookies.wbShibKey?.let { cookies[it] = user.cookies.wbShibValue ?: "" }
 }
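Review bot: The session cookie name `"SAKAI2SESSIONID"` is now a literal repeated in `updateCookies` and in `getCookies` (second hunk), and the two must stay identical or the session cookie is silently neither stored nor sent. Declaring `private const val SESSION_COOKIE = "SAKAI2SESSIONID"` in the `Whiteboard` object and using it in both places removes that risk. The value is still kept in `user.cookies.wbJsessionId`, so a comment on that property noting it now holds the Sakai session id would avoid confusion. As far as these hunks show, a value saved under the old cookie name before this update would be sent under the new name until the next login. Both function bodies continue outside their hunks.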