From 2d35c7aedf1cf2b93b6eae34b64c33796b6188d5 Mon Sep 17 00:00:00 2001
From: Madhavi Gayathri
Date: Wed, 24 Apr 2024 15:31:44 +0530
Subject: [PATCH] URL encode application name in request post.authn.handler.disclaimer.
---
 .../DisclaimerPostAuthenticationHandler.java | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/etc/sample-post-authentication-handler/src/main/java/org/wso2/carbon/identity/post/authn/handler/disclaimer/DisclaimerPostAuthenticationHandler.java b/etc/sample-post-authentication-handler/src/main/java/org/wso2/carbon/identity/post/authn/handler/disclaimer/DisclaimerPostAuthenticationHandler.java
index 849157ae4..5f664b47e 100644
--- a/etc/sample-post-authentication-handler/src/main/java/org/wso2/carbon/identity/post/authn/handler/disclaimer/DisclaimerPostAuthenticationHandler.java
+++ b/etc/sample-post-authentication-handler/src/main/java/org/wso2/carbon/identity/post/authn/handler/disclaimer/DisclaimerPostAuthenticationHandler.java
@@ -18,16 +18,17 @@
 package org.wso2.carbon.identity.post.authn.handler.disclaimer;
-import org.apache.commons.codec.digest.DigestUtils;
 import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
 import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
 import org.wso2.carbon.identity.application.authentication.framework.exception.PostAuthenticationFailedException;
 import org.wso2.carbon.identity.application.authentication.framework.handler.request.AbstractPostAuthnHandler;
 import org.wso2.carbon.identity.application.authentication.framework.handler.request.PostAuthnHandlerFlowStatus;
 import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
-import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
 import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -54,15 +55,20 @@ public PostAuthnHandlerFlowStatus handle(HttpServletRequest httpServletRequest, } } else { try { + String urlEncodedApplicationName = new URI(null, null, authenticationContext + .getSequenceConfig().getApplicationConfig().getApplicationName(), null).toASCIIString(); + httpServletResponse.sendRedirect - (ConfigurationFacade.getInstance().getAuthenticationEndpointURL().replace("/login.do", "" - ) + "/disclaimer" + ".jsp?sessionDataKey=" + authenticationContext.getContextIdentifier() + - "&application=" + authenticationContext - .getSequenceConfig().getApplicationConfig().getApplicationName()); + (ConfigurationFacade.getInstance().getAuthenticationEndpointURL().replace("/login.do", "") + + "/disclaimer.jsp?sessionDataKey=" + authenticationContext.getContextIdentifier() + + "&application=" + urlEncodedApplicationName); setConsentPoppedUpState(authenticationContext); return PostAuthnHandlerFlowStatus.INCOMPLETE; } catch (IOException e) { throw new PostAuthenticationFailedException("Invalid Consent", "Error while redirecting", e); + } catch (URISyntaxException e) { + throw new PostAuthenticationFailedException("Invalid Application Name", + "Error encoding application name", e); } } }
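Review bot: The `new URI(null, null, …, null)` call that builds `urlEncodedApplicationName` escapes the name as a URI path rather than as a query value, so `&`, `=`, `+` and `;` pass through unescaped and an application name containing them can still add or change parameters on the `disclaimer.jsp` redirect. Because the value lands after `&application=`, form encoding is the better fit: `String urlEncodedApplicationName = URLEncoder.encode(authenticationContext.getSequenceConfig().getApplicationConfig().getApplicationName(), StandardCharsets.UTF_8.name());`, with `java.net.URLEncoder` and `java.nio.charset.StandardCharsets` imported in place of the two `java.net.URI*` imports. The `UnsupportedEncodingException` that call declares is an `IOException`, so the existing catch covers it and the new `URISyntaxException` branch can be dropped. The URI constructor also re-parses the assembled string, so a name with a colon in its first segment may be read as a scheme or rejected outright, which would fail the flow for a legitimate application. `handle()` begins before this hunk, so any earlier validation of the application name is not visible here.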