Added email validation and input/output encodings are loaded from the…

… cfg.
ufal · Apr 25, 2024 · 9d40f00 · 9d40f00
1 parent 248dca2
commit 9d40f00
Showing 1 changed file with 16 additions and 4 deletions.
diff --git a/dspace-api/src/main/java/org/dspace/authenticate/clarin/ClarinShibAuthentication.java b/dspace-api/src/main/java/org/dspace/authenticate/clarin/ClarinShibAuthentication.java
@@ -578,7 +578,7 @@ protected EPerson findEPerson(Context context, HttpServletRequest request) throw
 
         // 2) Second, look for an email header.
         if (eperson == null && emailHeader != null) {
-            String email = findSingleAttribute(request, emailHeader);
+            String email = getEmailAcceptedOrNull(findSingleAttribute(request, emailHeader));
             if (StringUtils.isEmpty(email) && Objects.nonNull(clarinVerificationToken)) {
                 email = clarinVerificationToken.getEmail();
             }
@@ -694,7 +694,7 @@ protected EPerson registerNewEPerson(Context context, HttpServletRequest request
 
         // Header values
         String netid = Util.formatNetId(findSingleAttribute(request, netidHeader), org);
-        String email = findSingleAttribute(request, emailHeader);
+        String email = getEmailAcceptedOrNull(findSingleAttribute(request, emailHeader));
         String fname = Headers.updateValueByCharset(findSingleAttribute(request, fnameHeader));
         String lname = Headers.updateValueByCharset(findSingleAttribute(request, lnameHeader));
 
@@ -816,7 +816,7 @@ protected void updateEPerson(Context context, HttpServletRequest request, EPerso
         String lnameHeader = configurationService.getProperty("authentication-shibboleth.lastname-header");
 
         String netid = Util.formatNetId(findSingleAttribute(request, netidHeader), shibheaders.get_idp());
-        String email = findSingleAttribute(request, emailHeader);
+        String email = getEmailAcceptedOrNull(findSingleAttribute(request, emailHeader));
         String fname = Headers.updateValueByCharset(findSingleAttribute(request, fnameHeader));
         String lname = Headers.updateValueByCharset(findSingleAttribute(request, lnameHeader));
 
@@ -1171,7 +1171,12 @@ protected String findAttribute(HttpServletRequest request, String name) {
 
         if (!StringUtils.isEmpty(value) && reconvertAttributes) {
             try {
-                value = new String(value.getBytes("ISO-8859-1"), "UTF-8");
+                String inputEncoding = configurationService.getProperty("shibboleth.name.conversion.inputEncoding",
+                        "ISO-8859-1");
+                String outputEncoding = configurationService.getProperty("shibboleth.name.conversion.outputEncoding",
+                        "UTF-8");
+
+                value = new String(value.getBytes(inputEncoding), outputEncoding);
             } catch (UnsupportedEncodingException ex) {
                 log.warn("Failed to reconvert shibboleth attribute ("
                         + name + ").", ex);
@@ -1324,5 +1329,12 @@ public boolean canChangePassword(Context context, EPerson ePerson, String curren
     public boolean areSpecialGroupsApplicable(Context context, HttpServletRequest request) {
         return true;
     }
+
+    public String getEmailAcceptedOrNull(String email) {
+        if (email == null || email.isEmpty() || email.matches(".*\\s+.*")){ // no whitespaces in mail
+            return null;
+        }
+        return email;
+    }
 }