From b6f073d156edef859381361cd66d1520adc8a739 Mon Sep 17 00:00:00 2001
From: Matteo Mara
Date: Tue, 31 Oct 2023 23:15:47 +0100
Subject: SONAR-20921 Handle more configuration errors in SAML test page
---
 .../src/main/java/org/sonar/server/saml/ws/ValidationInitAction.java | 4 ++--
 .../test/java/org/sonar/server/saml/ws/ValidationInitActionTest.java | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)
(limited to 'server/sonar-webserver-webapi')
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/saml/ws/ValidationInitAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/saml/ws/ValidationInitAction.java
index 9960cb09151..12a01f7d213 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/saml/ws/ValidationInitAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/saml/ws/ValidationInitAction.java
@@ -84,8 +84,8 @@ public class ValidationInitAction extends HttpFilter implements SamlAction {
 try {
 samlAuthenticator.initLogin(oAuth2ContextFactory.generateCallbackUrl(SamlIdentityProvider.KEY), VALIDATION_RELAY_STATE + "/" + csrfState, request, response);
- } catch (IllegalStateException e) {
- response.sendRedirect("/" + SAML_VALIDATION_CONTROLLER_CONTEXT + "/" + SAML_VALIDATION_KEY);
+ } catch (IllegalArgumentException | IllegalStateException e) {
+ response.sendRedirect("/" + SAML_VALIDATION_CONTROLLER_CONTEXT + "/" + SAML_VALIDATION_KEY + "?CSRFToken=" + csrfState);
 }
 }
 }
diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/saml/ws/ValidationInitActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/saml/ws/ValidationInitActionTest.java
index 5a6db55a32e..3c2cc65e4fd 100644
--- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/saml/ws/ValidationInitActionTest.java
+++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/saml/ws/ValidationInitActionTest.java
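Review bot: The new `sendRedirect` in the catch block concatenates `csrfState` into the query string unencoded, so the CSRF state value ends up in access logs, browser history and any Referer sent from the validation page. If the validation page has to receive it this way, encode it at the call site, `... + "?CSRFToken=" + URLEncoder.encode(csrfState, StandardCharsets.UTF_8));`, and confirm that the value is short-lived or single-use. The widened `catch (IllegalArgumentException | IllegalStateException e)` also drops `e` without logging, which makes the underlying configuration error hard to diagnose and can hide an unrelated `IllegalArgumentException` thrown inside `initLogin`. The method around this `try` starts outside the hunk, so how `csrfState` is generated and bound to the session is not visible here.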
@@ -99,7 +99,7 @@ public class ValidationInitActionTest {
 underTest.doFilter(servletRequest, servletResponse, filterChain);
- verify(servletResponse).sendRedirect("/saml/validation");
+ verify(servletResponse).sendRedirect("/saml/validation?CSRFToken=CSRF_TOKEN");
 }
 @Test
-- cgit v1.2.3
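Review bot: The newly caught `IllegalArgumentException` branch has no visible coverage; only the expected redirect string in the existing `verify(...)` was updated. The stubbing that makes `doFilter` fail sits above this hunk, so it presumably still throws only `IllegalStateException`. A sibling test whose stub throws `IllegalArgumentException` and asserts the same `sendRedirect("/saml/validation?CSRFToken=CSRF_TOKEN")` would pin the behaviour this commit adds.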