refactor for teamscale findings fix

src/main/java/de/tum/in/www1/artemis/exception/LtiEmailAlreadyInUseException.java

@@ -1,8 +1,12 @@
 package de.tum.in.www1.artemis.exception;
 
-import org.springframework.security.authentication.AuthenticationServiceException;
+import org.springframework.security.authentication.InternalAuthenticationServiceException;
 
-public class LtiEmailAlreadyInUseException extends AuthenticationServiceException {
+/**
+ * Exception thrown when an email provided during LTI authentication is already in use within Artemis.
+ * This is an unchecked exception and indicates that the user should re-login to access Artemis content.
+ */
+public class LtiEmailAlreadyInUseException extends InternalAuthenticationServiceException {
 
     public LtiEmailAlreadyInUseException() {
         super("Email address is already in use by Artemis. Please login again to access Artemis content.");

src/main/java/de/tum/in/www1/artemis/security/lti/Lti13LaunchFilter.java

@@ -61,7 +61,7 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
             OidcIdToken ltiIdToken = ((OidcUser) authToken.getPrincipal()).getIdToken();
 
             // get username from client to set authentication
-            lti13Service.setAuthenticationFromClient(request);
+            lti13Service.authenticateUserFromRequestParam(request);
 
             lti13Service.performLaunch(ltiIdToken, authToken.getAuthorizedClientRegistrationId());
 

src/main/java/de/tum/in/www1/artemis/service/connectors/lti/Lti13Service.java

@@ -301,8 +301,13 @@ public void buildLtiResponse(UriComponentsBuilder uriComponentsBuilder, HttpServ
         ltiService.buildLtiResponse(uriComponentsBuilder, response);
     }
 
-    public void setAuthenticationFromClient(HttpServletRequest request) {
-        var username = request.getParameter("auth");
+    /**
+     * Authenticates the user based on the provided request parameter if the user was previously authenticated in the same browser session.
+     *
+     * @param request the HTTP request containing the user authentication parameter
+     */
+    public void authenticateUserFromRequestParam(HttpServletRequest request) {
+        var username = request.getParameter("authenticatedUser");
         if (username != null) {
             var user = userRepository.findOneByLogin(username).orElseThrow();
             SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(user.getLogin(), user.getPassword(), SIMPLE_USER_LIST_AUTHORITY));

src/main/java/de/tum/in/www1/artemis/web/rest/open/PublicLtiResource.java

@@ -166,7 +166,7 @@ public void lti13LaunchRedirect(HttpServletRequest request, HttpServletResponse
         uriBuilder.path(LOGIN_REDIRECT_CLIENT_PATH);
         uriBuilder.queryParam("state", UriComponent.encode(state, UriComponent.Type.QUERY_PARAM));
         uriBuilder.queryParam("id_token", UriComponent.encode(idToken, UriComponent.Type.QUERY_PARAM));
-        uriBuilder.queryParam("auth", UriComponent.encode(userName, UriComponent.Type.QUERY_PARAM));
+        uriBuilder.queryParam("authenticatedUser", UriComponent.encode(userName, UriComponent.Type.QUERY_PARAM));
         String redirectUrl = uriBuilder.build().toString();
         log.info("redirect to url: {}", redirectUrl);
         response.sendRedirect(redirectUrl); // Redirect using user-provided values is safe because user-provided values are used in the query parameters, not the url itself

src/main/webapp/app/lti/lti13-exercise-launch.component.ts

@@ -30,7 +30,7 @@ export class Lti13ExerciseLaunchComponent implements OnInit {
     sendRequest(): void {
         const state = this.route.snapshot.queryParamMap.get('state');
         const idToken = this.route.snapshot.queryParamMap.get('id_token');
-        const auth = this.route.snapshot.queryParamMap.get('auth');
+        const auth = this.route.snapshot.queryParamMap.get('authenticatedUser');
 
         if (!state || !idToken) {
             console.error('Required parameter for LTI launch missing');