libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

KEYCLOAK-2390

Browse source 
Relative redirect uri is broken
This commit is contained in:
Stian Thorgersen 2016-01-26 09:01:14 +01:00
parent bdc439b4a4
commit ee847c1f20
2 changed files with 29 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java
View file

@ -108,7 +108,7 @@ public class RedirectUtils {
}
private static String relativeToAbsoluteURI(UriInfo uriInfo, String rootUrl, String relative) {
if (rootUrl == null) {
if (rootUrl == null || rootUrl.isEmpty()) {
URI baseUri = uriInfo.getBaseUri();
String uri = baseUri.getScheme() + "://" + baseUri.getHost();
if (baseUri.getPort() != -1) {

28
testsuite/integration/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java
View file

@ -74,6 +74,18 @@ public class OAuthRedirectUriTest {
installedApp4.addRedirectUri("http://with-dash.example.com");
installedApp4.addRedirectUri("http://with-dash.example.com/foo");
installedApp4.setSecret("password");
ClientModel installedApp5 = KeycloakModelUtils.createClient(appRealm, "test-root-url");
installedApp5.setEnabled(true);
installedApp5.setRootUrl("http://with-dash.example.com");
installedApp5.addRedirectUri("/foo");
installedApp5.setSecret("password");
ClientModel installedApp6 = KeycloakModelUtils.createClient(appRealm, "test-relative-url");
installedApp6.setEnabled(true);
installedApp6.setRootUrl("");
installedApp6.addRedirectUri("/foo");
installedApp6.setSecret("password");
}
});
@ -252,6 +264,22 @@ public class OAuthRedirectUriTest {
checkRedirectUri("Http://wiTh-dAsh.example.com", true);
}
@Test
public void testRelativeWithRoot() throws IOException {
oauth.clientId("test-root-url");
checkRedirectUri("http://with-dash.example.com/foo", true);
checkRedirectUri("http://localhost:8081/foo", false);
}
@Test
public void testRelative() throws IOException {
oauth.clientId("test-relative-url");
checkRedirectUri("http://with-dash.example.com/foo", false);
checkRedirectUri("http://localhost:8081/foo", true);
}
@Test
public void testLocalhost() throws IOException {
oauth.clientId("test-installed");