From a3c44361b09c2633e95a9a32d8276cb9b8832387 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Radovan=20Tom=C3=A1=C5=A1ik?= <tomasik@mail.muni.cz>
Date: Tue, 3 Jan 2023 15:39:01 +0100
Subject: [PATCH] Hotfix: autologin from the directory (#170)

* added attempt to "login" without prompt if fails redirect to login page

* bugfix only overwrite redirect is no error is in QueryString

Co-authored-by: Emilian Jungwirth <emilian.jung+github@gmail.com>
---
 .../samply/bbmri/negotiator/filter/AuthorizationFilter.java | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/main/java/de/samply/bbmri/negotiator/filter/AuthorizationFilter.java b/src/main/java/de/samply/bbmri/negotiator/filter/AuthorizationFilter.java
index e1cb36c4..6dba8a65 100644
--- a/src/main/java/de/samply/bbmri/negotiator/filter/AuthorizationFilter.java
+++ b/src/main/java/de/samply/bbmri/negotiator/filter/AuthorizationFilter.java
@@ -160,8 +160,6 @@ public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
             // if a user came from the directory before being logged in, we need to save the query ID into the
             // usersession
             if (request.getQueryString() != null) {
-                logger.debug("Setting userbean redirect url");
-                userBean.setNewQueryRedirectURL(request.getServletPath() + "?" + request.getQueryString());
 
                 //Check if param error login_required then directly redirect
 
@@ -170,6 +168,10 @@ public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
                     logger.debug("Redirecting invalid user to login.xhtml");
                     response.sendRedirect(request.getContextPath() + "/login.xhtml");
                     return;
+                }else{
+                    logger.debug("Setting userbean redirect url");
+                    userBean.setNewQueryRedirectURL(request.getServletPath() + "?" + request.getQueryString());
+
                 }
                 // TODO might only work for perun and 1not work for different AAIs
                 URI noprompt_auth_uri = UriBuilder.fromUri(userBean.getAuthenticationUrl(request)).queryParam("prompt", "none").build();