From 007c364027de8740f3b81db8d7fe0cca5aa79d5b Mon Sep 17 00:00:00 2001
From: sakanaou <sakanaou@users.noreply.github.com>
Date: Fri, 9 Nov 2018 09:14:57 +0100
Subject: [PATCH] Store rewritten redirect URL in adapter-core

---
 .../java/org/keycloak/adapters/OAuthRequestAuthenticator.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
index fb36c4e2f0..2e9ad31ca0 100755
--- a/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
+++ b/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/OAuthRequestAuthenticator.java
@@ -327,12 +327,12 @@ public class OAuthRequestAuthenticator {
         if (challenge != null) return challenge;
 
         AccessTokenResponse tokenResponse = null;
-        strippedOauthParametersRequestUri = stripOauthParametersFromRedirect();
+        strippedOauthParametersRequestUri = rewrittenRedirectUri(stripOauthParametersFromRedirect());
     
         try {
             // For COOKIE store we don't have httpSessionId and single sign-out won't be available
             String httpSessionId = deployment.getTokenStore() == TokenStore.SESSION ? reqAuthenticator.changeHttpSessionId(true) : null;
-            tokenResponse = ServerRequest.invokeAccessCodeToToken(deployment, code, rewrittenRedirectUri(strippedOauthParametersRequestUri), httpSessionId);
+            tokenResponse = ServerRequest.invokeAccessCodeToToken(deployment, code, strippedOauthParametersRequestUri, httpSessionId);
         } catch (ServerRequest.HttpFailure failure) {
             log.error("failed to turn code into token");
             log.error("status from server: " + failure.getStatus());