use of oidc.model.ProvidedRedirectURI in project OpenConext-oidcng by OpenConext.
the class AuthorizationEndpoint method validateRedirectionURI.
public static ProvidedRedirectURI validateRedirectionURI(URI redirectionURI, OpenIDClient client) throws UnsupportedEncodingException {
List<String> registeredRedirectUrls = client.getRedirectUrls();
if (registeredRedirectUrls == null) {
throw new IllegalArgumentException(String.format("Client %s must have at least one redirectURI configured to use the Authorization flow", client.getClientId()));
}
if (redirectionURI == null) {
return registeredRedirectUrls.stream().findFirst().map(s -> new ProvidedRedirectURI(s, false)).orElseThrow(() -> new IllegalArgumentException(String.format("Client %s must have at least one redirectURI configured to use the Authorization flow", client.getClientId())));
}
String redirectURI = URLDecoder.decode(redirectionURI.toString(), "UTF-8");
Optional<ProvidedRedirectURI> optionalProvidedRedirectURI = registeredRedirectUrls.stream().map(url -> new ProvidedRedirectURI(url, true)).filter(providedRedirectURI -> providedRedirectURI.equalsIgnorePort(redirectURI)).findFirst();
if (!optionalProvidedRedirectURI.isPresent()) {
throw new RedirectMismatchException(String.format("Client %s with registered redirect URI's %s requested authorization with redirectURI %s", client.getClientId(), registeredRedirectUrls, redirectURI));
}
return optionalProvidedRedirectURI.get();
}
use of oidc.model.ProvidedRedirectURI in project OpenConext-oidcng by OpenConext.
the class AuthorizationEndpointUnitTest method doValidateRedirectionUri.
@SuppressWarnings("unchecked")
private void doValidateRedirectionUri(String clientRedirectUri, String requestRedirectUri) throws IOException, ParseException {
AuthorizationRequest authorizationRequest = authorizationRequest(new FluentMap<String, String>().p("client_id", "http://oidc-rp").p("response_type", "code").p("redirect_uri", requestRedirectUri));
OpenIDClient client = openIDClient(clientRedirectUri, "open_id", "authorization_code");
ProvidedRedirectURI redirectUri = AuthorizationEndpoint.validateRedirectionURI(authorizationRequest.getRedirectionURI(), client);
assertEquals(redirectUri.getRedirectURI(), requestRedirectUri != null ? requestRedirectUri : clientRedirectUri);
}
Aggregations