Weird export/re-import behaviour regarding post.logout.redirect.uris
Closes #14884
This commit is contained in:
parent
13fcb9ca34
commit
9f532eecaf
3 changed files with 22 additions and 6 deletions
|
@ -358,10 +358,7 @@ public class OIDCAdvancedConfigWrapper extends AbstractClientConfigWrapper {
|
||||||
|
|
||||||
public List<String> getPostLogoutRedirectUris() {
|
public List<String> getPostLogoutRedirectUris() {
|
||||||
List<String> postLogoutRedirectUris = getAttributeMultivalued(OIDCConfigAttributes.POST_LOGOUT_REDIRECT_URIS);
|
List<String> postLogoutRedirectUris = getAttributeMultivalued(OIDCConfigAttributes.POST_LOGOUT_REDIRECT_URIS);
|
||||||
if(postLogoutRedirectUris == null || postLogoutRedirectUris.isEmpty()) {
|
if(postLogoutRedirectUris == null || postLogoutRedirectUris.isEmpty() || postLogoutRedirectUris.get(0).equals("+")) {
|
||||||
return null;
|
|
||||||
}
|
|
||||||
else if (postLogoutRedirectUris.get(0).equals("+")) {
|
|
||||||
if(clientModel != null) {
|
if(clientModel != null) {
|
||||||
return new ArrayList(clientModel.getRedirectUris());
|
return new ArrayList(clientModel.getRedirectUris());
|
||||||
}
|
}
|
||||||
|
@ -370,6 +367,9 @@ public class OIDCAdvancedConfigWrapper extends AbstractClientConfigWrapper {
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
else if(postLogoutRedirectUris.get(0).equals("-")) {
|
||||||
|
return new ArrayList<String>();
|
||||||
|
}
|
||||||
else {
|
else {
|
||||||
return postLogoutRedirectUris;
|
return postLogoutRedirectUris;
|
||||||
}
|
}
|
||||||
|
|
|
@ -866,6 +866,22 @@ public class OIDCClientRegistrationTest extends AbstractClientRegistrationTest {
|
||||||
public void testPostLogoutRedirectUriNull() throws Exception {
|
public void testPostLogoutRedirectUriNull() throws Exception {
|
||||||
OIDCClientRepresentation clientRep = createRep();
|
OIDCClientRepresentation clientRep = createRep();
|
||||||
OIDCClientRepresentation response = reg.oidc().create(clientRep);
|
OIDCClientRepresentation response = reg.oidc().create(clientRep);
|
||||||
assertNull(response.getPostLogoutRedirectUris());
|
assertEquals("http://redirect", response.getPostLogoutRedirectUris().get(0));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testPostLogoutRedirectUriEmpty() throws Exception {
|
||||||
|
OIDCClientRepresentation clientRep = createRep();
|
||||||
|
clientRep.setPostLogoutRedirectUris(new ArrayList<String>());
|
||||||
|
OIDCClientRepresentation response = reg.oidc().create(clientRep);
|
||||||
|
assertEquals("http://redirect", response.getPostLogoutRedirectUris().get(0));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testPostLogoutRedirectUriMinus() throws Exception {
|
||||||
|
OIDCClientRepresentation clientRep = createRep();
|
||||||
|
clientRep.setPostLogoutRedirectUris(Collections.singletonList("-"));
|
||||||
|
OIDCClientRepresentation response = reg.oidc().create(clientRep);
|
||||||
|
assertTrue(response.getPostLogoutRedirectUris().isEmpty());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -381,7 +381,7 @@ root-url.tooltip=Root URL appended to relative URLs
|
||||||
valid-redirect-uris=Valid Redirect URIs
|
valid-redirect-uris=Valid Redirect URIs
|
||||||
valid-redirect-uris.tooltip=Valid URI pattern a browser can redirect to after a successful login or logout. Simple wildcards are allowed such as 'http://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request.
|
valid-redirect-uris.tooltip=Valid URI pattern a browser can redirect to after a successful login or logout. Simple wildcards are allowed such as 'http://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request.
|
||||||
valid-post-logout-redirect-uris=Valid post logout redirect URIs
|
valid-post-logout-redirect-uris=Valid post logout redirect URIs
|
||||||
valid-post-logout-redirect-uris.tooltip=Valid URI pattern a browser can redirect to after a successful logout. A value of '+' will use the list of valid redirect uris. Simple wildcards are allowed such as 'http://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used. For SAML, you must set valid URI patterns if you are relying on the consumer service URL embedded with the login request.
|
valid-post-logout-redirect-uris.tooltip=Valid URI pattern a browser can redirect to after a successful logout. A value of '+' or an empty field will use the list of valid redirect uris. A value of '-' will not allow any post logout redirect uris. Simple wildcards are allowed such as 'http://example.com/*'. Relative path can be specified too such as /my/relative/path/*. Relative paths are relative to the client root URL, or if none is specified the auth server root URL is used.
|
||||||
base-url.tooltip=Default URL to use when the auth server needs to redirect or link back to the client.
|
base-url.tooltip=Default URL to use when the auth server needs to redirect or link back to the client.
|
||||||
admin-url=Admin URL
|
admin-url=Admin URL
|
||||||
admin-url.tooltip=URL to the admin interface of the client. Set this if the client supports the adapter REST API. This REST API allows the auth server to push revocation policies and other administrative tasks. Usually this is set to the base URL of the client.
|
admin-url.tooltip=URL to the admin interface of the client. Set this if the client supports the adapter REST API. This REST API allows the auth server to push revocation policies and other administrative tasks. Usually this is set to the base URL of the client.
|
||||||
|
|
Loading…
Reference in a new issue