diff --git a/patterns/1f0702aaabef60a615abf41f_resources/resources.zip b/patterns/1f0702aaabef60a615abf41f_resources/resources.zip
index 68426bb..42c7d8a 100644
Binary files a/patterns/1f0702aaabef60a615abf41f_resources/resources.zip and b/patterns/1f0702aaabef60a615abf41f_resources/resources.zip differ
diff --git a/patterns/204c22beaccdfd22727af378_labels/labels.zip b/patterns/204c22beaccdfd22727af378_labels/labels.zip
index 88bfd9b..57cebaf 100644
Binary files a/patterns/204c22beaccdfd22727af378_labels/labels.zip and b/patterns/204c22beaccdfd22727af378_labels/labels.zip differ
diff --git a/patterns/204c22beaccdfd22727af378_template/webdata.zip b/patterns/204c22beaccdfd22727af378_template/webdata.zip
index 0438368..68828e0 100644
Binary files a/patterns/204c22beaccdfd22727af378_template/webdata.zip and b/patterns/204c22beaccdfd22727af378_template/webdata.zip differ
diff --git a/patterns/4fcfadb4a5c946ead7e6e995_labels/labels.zip b/patterns/4fcfadb4a5c946ead7e6e995_labels/labels.zip
index 88bfd9b..57cebaf 100644
Binary files a/patterns/4fcfadb4a5c946ead7e6e995_labels/labels.zip and b/patterns/4fcfadb4a5c946ead7e6e995_labels/labels.zip differ
diff --git a/patterns/4fcfadb4a5c946ead7e6e995_template/webdata.zip b/patterns/4fcfadb4a5c946ead7e6e995_template/webdata.zip
index 0438368..68828e0 100644
Binary files a/patterns/4fcfadb4a5c946ead7e6e995_template/webdata.zip and b/patterns/4fcfadb4a5c946ead7e6e995_template/webdata.zip differ
diff --git a/patterns/584964c837512845d7940809_authStatesFile/recovery-preprocessing.xml b/patterns/584964c837512845d7940809_authStatesFile/recovery-preprocessing.xml
index 4688b0c..60aedba 100644
--- a/patterns/584964c837512845d7940809_authStatesFile/recovery-preprocessing.xml
+++ b/patterns/584964c837512845d7940809_authStatesFile/recovery-preprocessing.xml
@@ -50,9 +50,9 @@
-
+
-
+
@@ -64,14 +64,7 @@
-
-
-
-
-
-
-
-
+
@@ -88,7 +81,7 @@
-
+
@@ -98,6 +91,15 @@
+
+
+
+
+
+
+
+
+
diff --git a/patterns/584964c837512845d7940809_resources/questionnaireReasonProcessing.groovy b/patterns/584964c837512845d7940809_resources/questionnaireReasonProcessing.groovy
new file mode 100644
index 0000000..e464736
--- /dev/null
+++ b/patterns/584964c837512845d7940809_resources/questionnaireReasonProcessing.groovy
@@ -0,0 +1,24 @@
+import ch.nevis.esauth.auth.engine.AuthResponse
+
+if (inargs['reason']) {
+ response.setSessionAttribute('agov.recovery.reason', '' + inargs['reason'])
+}
+
+if (inargs['cancel'] && inargs['cancel'] == 'cancel') {
+ response.setResult('cancel')
+ return
+}
+
+if (inargs['continue'] && inargs['continue'] == 'yes') {
+ response.setResult('validReasons')
+ return
+}
+
+if (inargs['continue'] && inargs['continue'] == 'no') {
+ response.setResult('invalidReasons')
+ return
+}
+
+// if we reach this, display the GUI again
+response.setStatus(AuthResponse.AUTH_CONTINUE)
+return
\ No newline at end of file
diff --git a/patterns/6d83506dfcc430c12d81dfa3_resources/askMobileNumber.groovy b/patterns/6d83506dfcc430c12d81dfa3_resources/askMobileNumber.groovy
index 629592a..1d61bf5 100644
--- a/patterns/6d83506dfcc430c12d81dfa3_resources/askMobileNumber.groovy
+++ b/patterns/6d83506dfcc430c12d81dfa3_resources/askMobileNumber.groovy
@@ -60,16 +60,19 @@ if (!inargs['submit'] && (!inargs['mobile'] || !inargs['mobile'].isEmpty()) && i
return
}
-if (inargs['submit'] && (!inargs['mobile'] || inargs['mobile'].isEmpty()) && inargs['skip'] && inargs['skip'] == 'true') {
+if (inargs['submit'] && (!inargs['mobile'] || inargs['mobile'].isEmpty()) && inargs['skip']) {
// no mobile, and user wants to skip it
- LOG.info("Event='NOMOBILENUMBER', Requester='${requester}', RequestId='${requestId}', User=${user}, SourceIp=${sourceIp}, UserAgent='${userAgent}'")
+ LOG.info("Event='NOMOBILENUMBER', Requester='${requester}', RequestId='${requestId}', User=${user}, SourceIp=${sourceIp}, UserAgent='${userAgent}', Persistent='${ inargs['skip'] == 'persistent' ? true : false }'")
- // persistent cookie for 30d;
- def agovSkipAskingMobileCookie = "agovSkipAskingMobile=true; Domain=${parameters.get('cookie.domain')}; Path=/; Max-Age=2592000; SameSite=Strict; Secure; HttpOnly"
- // setHeader doesn't support multiple headers with the same name, so we use
- // a different one, and rewrite it in the proxy with Lua
- response.setHeader('Set-Cookie2', agovSkipAskingMobileCookie)
+ if (inargs['skip'] == 'persistent') {
+ // persistent cookie for 30d;
+ def agovSkipAskingMobileCookie = "agovSkipAskingMobile=true; Domain=${parameters.get('cookie.domain')}; Path=/; Max-Age=2592000; SameSite=Strict; Secure; HttpOnly"
+ // setHeader doesn't support multiple headers with the same name, so we use
+ // a different one, and rewrite it in the proxy with Lua
+ response.setHeader('Set-Cookie2', agovSkipAskingMobileCookie)
+ }
+
response.setResult('done')
return
}
diff --git a/patterns/9ff0369f3cf662f95d94ff09_resources/ensureRecoveryCode.groovy b/patterns/9ff0369f3cf662f95d94ff09_resources/ensureRecoveryCode.groovy
index b147744..2b57ec7 100644
--- a/patterns/9ff0369f3cf662f95d94ff09_resources/ensureRecoveryCode.groovy
+++ b/patterns/9ff0369f3cf662f95d94ff09_resources/ensureRecoveryCode.groovy
@@ -1,7 +1,7 @@
import ch.nevis.esauth.auth.engine.AuthResponse
-import ch.nevis.idm.client.IdmRestClient
-import ch.nevis.idm.client.IdmRestClientFactory
-import ch.nevis.idm.client.HTTPRequestWrapper
+import ch.nevis.esauth.util.httpclient.api.HttpClient
+
+import io.opentelemetry.api.trace.Span
import groovy.json.JsonSlurper
import groovy.xml.XmlSlurper
@@ -19,7 +19,9 @@ def userAgent = request.getLoginContext()['connection.HttpHeader.user-agent'] ?:
-IdmRestClient idmRestClient = IdmRestClientFactory.get(parameters)
+HttpClient httpClient = HttpClients.create(parameters)
+def spanCtxt = Span.current().getSpanContext()
+def traceparent = "00-${spanCtxt.getTraceId()}-${spanCtxt.getSpanId()}-${spanCtxt.getTraceFlags().asHex()}"
String clientExtId = session.get('ch.adnovum.nevisidm.user.clientExtId')
String userExtId = session.get('ch.adnovum.nevisidm.user.extId')
@@ -65,21 +67,26 @@ if (outargs.containsKey('out.JWTToken')) {
if (!session['agov.new.recovery.code.generated']) {
inargs.remove('submit')
try {
- def postRequest = new HTTPRequestWrapper()
- postRequest.addToHeaders('Content-Type', ['application/json'])
+ def httpResponse = Http.post()
+ .url(endPoint)
+ .header("Accept", "application/json")
+ .header("traceparent", traceparent)
+ .entity(Http.entity()
+ .content("{\"userExtId\":\"$userExtId\",\"userSessionId\": \"$sessionId\"}")
+ .contentType("application/json")
+ .build())
+ .build()
+ .send(httpClient)
- postRequest.setPayLoad("{\"userExtId\":\"$userExtId\",\"userSessionId\": \"$sessionId\"}".getBytes('UTF-8'))
-
- def result = idmRestClient.postWithResponse(endPoint, postRequest)
- if (result.getStatusCode() != 200) {
- LOG.debug("Payload: ${new String(postRequest.getPayLoad())}")
- LOG.debug("Result: ${result}")
- LOG.warn("Event='RCVRY-CODE', Requester='${requester}', RequestId='${requestId}', RequestedAq=${requestedAq}, User=${user}, CredentialType='${credentialType}', SourceIp=${sourceIp}, UserAgent='${userAgent}', reason='Failed to create code (http status code ${result.getStatusCode()})")
+
+ if (httpResponse.code() != 200) {
+ LOG.debug("Result: ${httpResponse}")
+ LOG.warn("Event='RCVRY-CODE', Requester='${requester}', RequestId='${requestId}', RequestedAq=${requestedAq}, User=${user}, CredentialType='${credentialType}', SourceIp=${sourceIp}, UserAgent='${userAgent}', reason='Failed to create code (http status code ${httpResponse.code()})")
response.setResult('failed')
return
}
- def json = new JsonSlurper().parseText(new String(result.getPayLoad(), 'UTF-8'))
+ def json = new JsonSlurper().parseText(httpResponse.bodyAsString())
notes.setProperty('agov.new.recovery.code', json['recoveryCode']['code'].replaceAll('^(....)(....)(.*)$', '$1-$2-$3'))
LOG.debug("agov.new.recovery.code: ${notes['agov.new.recovery.code']}")