NFC-83 Origin fix for signing and cert. klintCheck

Author: SanderKondratjevNortal

app/src/main/kotlin/ee/ria/DigiDoc/MainActivity.kt

@@ -123,11 +123,12 @@ class MainActivity :
         val locale = dataStore.getLocale() ?: getLocale("en")
         val webEidUri = intent?.data?.takeIf { it.scheme == "web-eid-mobile" }
 
-        val externalFileUris = if (webEidUri != null) {
-            listOf()
-        } else {
-            getExternalFileUris(intent)
-        }
+        val externalFileUris =
+            if (webEidUri != null) {
+                listOf()
+            } else {
+                getExternalFileUris(intent)
+            }
 
         localeUtil.updateLocale(applicationContext, locale)
 
@@ -172,7 +173,7 @@ class MainActivity :
                 RIADigiDocTheme(darkTheme = useDarkMode) {
                     RIADigiDocAppScreen(
                         externalFileUris = externalFileUris,
-                        webEidUri = webEidUri
+                        webEidUri = webEidUri,
                     )
                 }
             }

web-eid-lib/src/androidTest/java/ee/ria/DigiDoc/webEid/WebEidRequestParserTest.kt

@@ -221,12 +221,10 @@ class WebEidRequestParserTest {
     private fun createSignUri(
         hash: String?,
         hashFunction: String?,
-        origin: String? = "https://rp.example.com",
     ): String {
         val responseUri = "https://rp.example.com/sign/response"
         val sb = StringBuilder()
         sb.append("{\"response_uri\":\"$responseUri\"")
-        if (origin != null) sb.append(",\"origin\":\"$origin\"")
         if (hash != null) sb.append(",\"hash\":\"$hash\"")
         if (hashFunction != null) sb.append(",\"hash_function\":\"$hashFunction\"")
         sb.append("}")

web-eid-lib/src/main/java/ee/ria/DigiDoc/webEid/utils/WebEidRequestParser.kt

@@ -21,7 +21,6 @@ object WebEidRequestParser {
         val request = decodeUriFragment(authUri)
         val challenge = request.getString("challenge")
         val responseUri = validateResponseUri(request.getString("login_uri"))
-        val origin = parseOrigin(responseUri)
         if (challenge.isNullOrBlank() ||
             challenge.length < MIN_CHALLENGE_LENGTH ||
             challenge.length > MAX_CHALLENGE_LENGTH
@@ -37,18 +36,17 @@ object WebEidRequestParser {
             challenge = challenge,
             loginUri = responseUri.toString(),
             getSigningCertificate = request.optBoolean("get_signing_certificate", false),
-            origin = origin,
+            origin = parseOrigin(responseUri),
         )
     }
 
     fun parseCertificateUri(uri: Uri): WebEidSignRequest {
         val request = decodeUriFragment(uri)
         val responseUri = validateResponseUri(request.optString("response_uri", ""))
-        val origin = request.optString("origin", "")
 
         return WebEidSignRequest(
             responseUri = responseUri.toString(),
-            origin = origin,
+            origin = parseOrigin(responseUri),
             hash = null,
             hashFunction = null,
         )
@@ -59,7 +57,6 @@ object WebEidRequestParser {
         val responseUri = validateResponseUri(request.optString("response_uri", ""))
         val hash = request.optString("hash", "")
         val hashFunction = request.optString("hash_function", "")
-        val origin = request.optString("origin", "")
 
         if (hash.isBlank() || hashFunction.isBlank()) {
             throw WebEidException(
@@ -71,7 +68,7 @@ object WebEidRequestParser {
 
         return WebEidSignRequest(
             responseUri = responseUri.toString(),
-            origin = origin,
+            origin = parseOrigin(responseUri),
             hash = hash,
             hashFunction = hashFunction,
         )