Skip to content

NFC-47 NFC support for web-eid example #83

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: web-eid-mobile
Choose a base branch
from
Open

NFC-47 NFC support for web-eid example #83

wants to merge 1 commit into from

Conversation

SanderKondratjevNortal
Copy link

Signed-off-by: Sander Kondratjev [email protected]

@SanderKondratjevNortal SanderKondratjevNortal changed the base branch from main to web-eid-mobile August 13, 2025 12:26
@SanderKondratjevNortal SanderKondratjevNortal force-pushed the NFC-47 branch 2 times, most recently from 1da9ec5 to d3edcb7 Compare September 23, 2025 07:22
@SanderKondratjevNortal SanderKondratjevNortal force-pushed the NFC-47 branch 2 times, most recently from b519373 to 81dea4d Compare September 29, 2025 08:49
mrts
mrts requested changes Oct 14, 2025
View reviewed changes
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

mrts
mrts requested changes Oct 16, 2025
View reviewed changes
Copy link
Member

@mrts mrts left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me now apart from the suggested changes, thanks for your great work!

As discussed, also consider making mobile code configurable both to make it easier to discern and possibly serve a real business need not to use it in certain circumstances.

example/src/main/java/eu/webeid/example/security/ui/WebEidLoginPageGeneratingFilter.java
import java.io.IOException;

public final class WebEidLoginPageGeneratingFilter extends OncePerRequestFilter {
private static final String LOGIN_PAGE_HTML = """
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As discussed, let's use Thymeleaf to avoid the somewhat fragile String.format() and keep HTML out of Java files. The HTML should be moved to resources/templates/webeid-login.html.

example/src/main/java/eu/webeid/example/security/ui/WebEidLoginPageGeneratingFilter.java
Comment on lines +100 to +102
public WebEidLoginPageGeneratingFilter(String path, String loginProcessingPath) {
this.requestMatcher = PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.GET, path);
this.loginProcessingPath = loginProcessingPath;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For Thymeleaf support:

Suggested change
public WebEidLoginPageGeneratingFilter(String path, String loginProcessingPath) {
this.requestMatcher = PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.GET, path);
this.loginProcessingPath = loginProcessingPath;
public WebEidLoginPageGeneratingFilter(String path, String loginProcessingPath, ITemplateEngine templateEngine, JakartaServletWebApplication webApp) {
this.requestMatcher = PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.GET, path);
this.loginProcessingPath = loginProcessingPath;
this.templateEngine = templateEngine;
this.webApp = webApp;

And add fields above:

    private final ITemplateEngine templateEngine;
    private final JakartaServletWebApplication webApp;

example/src/main/java/eu/webeid/example/security/ui/WebEidLoginPageGeneratingFilter.java
Comment on lines +124 to +129
private String generateHtml(CsrfToken csrf) {
return String.format(
LOGIN_PAGE_HTML,
loginProcessingPath,
csrf != null ? csrf.getHeaderName() : "X-CSRF-TOKEN",
csrf != null ? csrf.getToken() : ""
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
private String generateHtml(CsrfToken csrf) {
return String.format(
LOGIN_PAGE_HTML,
loginProcessingPath,
csrf != null ? csrf.getHeaderName() : "X-CSRF-TOKEN",
csrf != null ? csrf.getToken() : ""
private String renderTemplate(HttpServletRequest request, HttpServletResponse response, CsrfToken csrf) {
IWebExchange exchange = webApp.buildExchange(request, response);
var locale = RequestContextUtils.getLocale(request);
var ctx = new WebContext(exchange, locale);
ctx.setVariable("loginProcessingPath", loginProcessingPath);
ctx.setVariable("csrfHeaderName", csrf != null ? csrf.getHeaderName() : "X-CSRF-TOKEN");
ctx.setVariable("csrfToken", csrf != null ? csrf.getToken() : "");
return templateEngine.process("webeid-login", ctx);

and add import org.springframework.web.servlet.support.RequestContextUtils.

example/src/main/java/eu/webeid/example/security/ui/WebEidLoginPageGeneratingFilter.java
Comment on lines +118 to +120
String html = generateHtml(csrf);

response.setContentType(MediaType.TEXT_HTML_VALUE);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
String html = generateHtml(csrf);
response.setContentType(MediaType.TEXT_HTML_VALUE);
String html = renderTemplate(request, response, csrf);
response.setCharacterEncoding(StandardCharsets.UTF_8.name());
response.setContentType(MediaType.TEXT_HTML_VALUE);

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mrts mrts mrts requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@SanderKondratjevNortal @mrts