diff --git a/lib/AccountManager/App/Controller.pm b/lib/AccountManager/App/Controller.pm
index 6b40e974b690044b27f4cf147ca25ed2e943818f..82c5c11871051bbc73657c3a1a3d674caaf9d9b0 100644
--- a/lib/AccountManager/App/Controller.pm
+++ b/lib/AccountManager/App/Controller.pm
@@ -6,6 +6,7 @@ use English qw(-no_match_vars);
 use Syntax::Keyword::Try;
 
 use AccountManager::DB;
+use AccountManager::Entity;
 use AccountManager::L10N;
 use AccountManager::Token;
 
@@ -116,6 +117,46 @@ sub check_token {
     return 1;
 }
 
+sub get_sp {
+    my ($self, %args) = @_;
+
+    my $entityid = $args{entityid};
+
+    return $self->abort(
+        log_message  => "Missing parameter: entityid",
+        user_message => "missing_entityid"
+    ) if !$entityid;
+
+    my $pattern = qr{
+        ^
+        (?:
+            https?://[\w.:/-]+
+        |
+            urn:[\w.:-]+
+        )
+        $
+    }x;
+
+    return $self->abort(
+        log_message  => "Incorrect parameter format: entityid",
+        user_message => "format_entityid"
+    ) if $entityid !~ $pattern;
+
+    my $db = $self->stash('db');
+
+    my $sp = AccountManager::Entity->new(
+        db       => $db,
+        entityid => $entityid
+    );
+
+    return $self->abort(
+        log_message  => sprintf("No such SP '%s' in database", $entityid),
+        user_message => "no_such_entity"
+    ) if !$sp->load(speculative => 1);
+
+    return $sp;
+}
+
 sub abort {
     my $self = shift;
     my %args = @_;
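Review bot: The format check in `get_sp` anchors with `^` and `$`, and in Perl `$` also matches just before a trailing newline, so a constructed value such as `https://sp.example.org/` followed by `\n` passes validation and is then used in the `sprintf` log message and the `AccountManager::Entity` lookup. Anchor with `\A` and `\z` instead, and add the `/a` modifier so that `\w` is limited to ASCII: the pattern would open with `\A`, end with `\z`, and close with `}xa;`. Separately, the callers in Step2, Step3 and Step4 test `return if !$sp;`, which is only correct if `abort` returns a false value. The body of `abort` continues outside this hunk, so that should be confirmed and stated in a short comment above `get_sp`, for example `# returns the loaded entity, or abort()'s false value after rendering the error`.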
diff --git a/lib/AccountManager/App/Step2.pm b/lib/AccountManager/App/Step2.pm
index 78d7601651058de78cf8a72d2ba6e724c399c1ad..8fa231d09b912a9aef155305486c6f464e3f5af3 100644
--- a/lib/AccountManager/App/Step2.pm
+++ b/lib/AccountManager/App/Step2.pm
@@ -5,8 +5,6 @@ use Mojo::Base qw(AccountManager::App::Controller);
 use English qw(-no_match_vars);
 use Syntax::Keyword::Try;
 
-use AccountManager::Entity;
-
 sub run {
     my $self = shift;
 
@@ -21,16 +19,8 @@ sub run {
     }
 
     my $entityid = $self->param('entityid');
-    my $db       = $self->stash('db');
-
-    my $sp = AccountManager::Entity->new(
-        db       => $db,
-        entityid => $entityid
-    );
-    return $self->abort(
-        log_message  => sprintf("No such SP '%s' in database", $entityid),
-        user_message => "no_such_entity"
-    ) if !$sp->load(speculative => 1);
+    my $sp = $self->get_sp(entityid => $entityid);
+    return if !$sp;
 
     # override metadata contacts if needed
     my $contacts =
diff --git a/lib/AccountManager/App/Step3.pm b/lib/AccountManager/App/Step3.pm
index cbf2af737be91a214e8084ce1af51110731250b8..c927ebb3a1e6a79ada954202ffdaa98b8e9a8d7c 100644
--- a/lib/AccountManager/App/Step3.pm
+++ b/lib/AccountManager/App/Step3.pm
@@ -9,7 +9,6 @@ use English qw(-no_match_vars);
 use Syntax::Keyword::Try;
 use Template::Constants qw(:chomp);
 
-use AccountManager::Entity;
 use AccountManager::Token;
 use AccountManager::Tools;
 
@@ -31,14 +30,8 @@ sub run {
     my $db       = $self->stash('db');
     my $l10n     = $self->stash('l10n');
 
-    my $sp = AccountManager::Entity->new(
-        db       => $db,
-        entityid => $entityid
-    );
-    return $self->abort(
-        log_message  => sprintf("No such SP '%s' in database", $entityid),
-        user_message => "no_such_entity"
-    ) if !$sp->load(speculative => 1);
+    my $sp = $self->get_sp(entityid => $entityid);
+    return if !$sp;
 
     # override metadata contacts if needed
     my $contacts =
diff --git a/lib/AccountManager/App/Step4.pm b/lib/AccountManager/App/Step4.pm
index bb689683b48833ab7f1896f2e8d230807491cf94..ed5ac336342f7498cb8d49a76708a57bc896f66c 100644
--- a/lib/AccountManager/App/Step4.pm
+++ b/lib/AccountManager/App/Step4.pm
@@ -10,7 +10,6 @@ use Syntax::Keyword::Try;
 use Template::Constants qw(:chomp);
 
 use AccountManager::Account;
-use AccountManager::Entity;
 use AccountManager::Token;
 use AccountManager::Tools;
 
@@ -35,16 +34,10 @@ sub run {
     my $db       = $self->stash('db');
     my $l10n     = $self->stash('l10n');
 
-    return if !$self->check_token(token => $token, entityid => $entityid);
+    my $sp = $self->get_sp(entityid => $entityid);
+    return if !$sp;
 
-    my $sp = AccountManager::Entity->new(
-        db       => $db,
-        entityid => $entityid,
-    );
-    return $self->abort(
-        log_message  => sprintf("No such SP '%s' in database", $entityid),
-        user_message => "no_such_entity"
-    ) if !$sp->load(speculative => 1);
+    return if !$self->check_token(token => $token, entityid => $entityid);
 
     ## create test accounts
     my @accounts;
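Review bot: The reordering in `run` that puts `get_sp` ahead of `check_token` has no comment, and the order now looks security-relevant: presumably it ensures `entityid` has passed the format check before `check_token` receives it. A later cleanup could swap the calls back, so a comment would help, for example `# get_sp validates the entityid format; keep it before check_token, which consumes the same value`. One side effect to confirm is that a request without a valid token now gets the `no_such_entity` answer before any token check, so the database lookup and its distinct error are reachable without a token in this step. The body of `run` starts and ends outside the hunk, so whether earlier code already gates this is not visible here.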