Example 1 with RelativeRedirectUriException

Use of org.forgerock.oauth2.core.exceptions.RelativeRedirectUriException in project OpenAM by OpenRock.

The class EndSession, method validateRedirect.

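private void validateRedirect(OAuth2Request request, String idToken, String redirectUri) throws InvalidClientException, RedirectUriMismatchException, RelativeRedirectUriException, NotFoundException {
    // Parse the ID token; this method only reconstructs the JWT and reads its claims.
    SignedJwt jwt = new JwtReconstruction().reconstructJwt(idToken, SignedJwt.class);
    JwtClaimsSet claims = jwt.getClaimsSet();
    // The authorized party (azp) claim names the client whose registration is looked up.
    String clientId = (String) claims.getClaim(OAuth2Constants.JWTTokenParams.AZP);
    ClientRegistration client = clientRegistrationStore.get(clientId, request);
    // URI.create throws IllegalArgumentException if the string is not a valid URI.
    URI requestedUri = URI.create(redirectUri);
    // Reject relative URIs: the post-logout redirect target must be absolute.
    if (!requestedUri.isAbsolute()) {
        throw new RelativeRedirectUriException();
    }
    // The target must be one of the client's registered post-logout redirect URIs.
    if (!client.getPostLogoutRedirectUris().contains(requestedUri)) {
        throw new RedirectUriMismatchException();
    }
}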
Also used:
    RelativeRedirectUriException (org.forgerock.oauth2.core.exceptions.RelativeRedirectUriException)
    JwtClaimsSet (org.forgerock.json.jose.jwt.JwtClaimsSet)
    JwtReconstruction (org.forgerock.json.jose.common.JwtReconstruction)
    ClientRegistration (org.forgerock.oauth2.core.ClientRegistration)
    RedirectUriMismatchException (org.forgerock.oauth2.core.exceptions.RedirectUriMismatchException)
    SignedJwt (org.forgerock.json.jose.jws.SignedJwt)
    URI (java.net.URI)
