From aa139e46e6d25c6135eb05e22dbc36fe84eb3e86 Mon Sep 17 00:00:00 2001
From: Milton Ch <86965029+Milton-Ch@users.noreply.github.com>
Date: Tue, 15 Mar 2022 12:20:36 -0400
Subject: [PATCH] fix(jans-auth-server): validate redirect_uri blank and client redirect uris single item to return by default (#1046)

---
 .../jans/as/server/service/RedirectionUriService.java | 2 +-
 .../as/server/service/RedirectionUriServiceTest.java | 10 ++++++++++
 .../templates/jans-auth/jans-auth-config.json | 2 +-
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/jans-auth-server/server/src/main/java/io/jans/as/server/service/RedirectionUriService.java b/jans-auth-server/server/src/main/java/io/jans/as/server/service/RedirectionUriService.java
index 9e5ae857640..6f3218ad3ac 100644
--- a/jans-auth-server/server/src/main/java/io/jans/as/server/service/RedirectionUriService.java
+++ b/jans-auth-server/server/src/main/java/io/jans/as/server/service/RedirectionUriService.java
@@ -106,7 +106,7 @@ public String validateRedirectionUri(@NotNull Client client, String redirectionU
 redirectUris = getSectorRedirectUris(sectorIdentifierUri).toArray(new String[0]);
 }
 
- if (StringUtils.isBlank(sectorIdentifierUri) && redirectUris != null && redirectUris.length == 1) {
+ if (StringUtils.isBlank(redirectionUri) && redirectUris != null && redirectUris.length == 1) {
 return redirectUris[0];
 }
 
diff --git a/jans-auth-server/server/src/test/java/io/jans/as/server/service/RedirectionUriServiceTest.java b/jans-auth-server/server/src/test/java/io/jans/as/server/service/RedirectionUriServiceTest.java
index 995dfe21cb7..76db414fb56 100644
--- a/jans-auth-server/server/src/test/java/io/jans/as/server/service/RedirectionUriServiceTest.java
+++ b/jans-auth-server/server/src/test/java/io/jans/as/server/service/RedirectionUriServiceTest.java
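Review bot: With the guard now keyed on `redirectionUri` alone, a request that omits redirect_uri also receives a default when `redirectUris` has just been replaced by the list fetched for the client's `sectorIdentifierUri` (the context lines directly above the change), so the default can come from a remotely hosted document rather than from the client's own registered redirect URIs. If that is not intended, keep both conditions: `if (StringUtils.isBlank(redirectionUri) && StringUtils.isBlank(sectorIdentifierUri) && redirectUris != null && redirectUris.length == 1) {`. Either way, a short comment on the branch such as `// redirect_uri omitted: default only when exactly one redirect URI is known for the client` would make the rule explicit for the next reader. validateRedirectionUri starts and ends outside this hunk, so how `redirectUris` is first populated is not visible here.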
@@ -95,6 +95,16 @@ public void validateRedirectionUri_sectorIdentifierBlankAndRredirectUrlNull_retu
 assertNull(returnValue);
 }
 
+ @Test
+ public void validateRedirectionUri_redirectionUriBlankAndOneClientRedirectUri_returnSingleItem() {
+ final String singleRedirectUri = "https://client.example.com/cb2";
+ final Client client = getClientForValidateRedirectionUri_sectorIdentifierBlank_redirectURisNull();
+ client.setRedirectUris(new String[]{ singleRedirectUri });
+
+ final String returnValue = redirectionUriService.validateRedirectionUri(client, singleRedirectUri);
+ assertEquals(singleRedirectUri, returnValue);
+ }
+
 private Client getClientForValidateRedirectionUri_full() {
 final Client client = new Client();
 client.setSectorIdentifierUri("https://test.gluu.org/jans-auth/sectoridentifier/a55ede29-8f5a-461d-b06e-76caee8d40b5");
diff --git a/jans-linux-setup/jans_setup/templates/jans-auth/jans-auth-config.json b/jans-linux-setup/jans_setup/templates/jans-auth/jans-auth-config.json
index 4c4e4be8a5d..83118c32765 100644
--- a/jans-linux-setup/jans_setup/templates/jans-auth/jans-auth-config.json
+++ b/jans-linux-setup/jans_setup/templates/jans-auth/jans-auth-config.json
@@ -446,5 +446,5 @@
 "deviceAuthzRequestExpiresIn": 1800,
 "deviceAuthzTokenPollInterval": 5,
 "deviceAuthzResponseTypeToProcessAuthz": "code",
- "redirectUrisRegexEnabled": false
+ "redirectUrisRegexEnabled": true
 }
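Review bot: The new test does not exercise the branch this commit fixes: its name says the redirection URI is blank, but it passes `singleRedirectUri` as the second argument, so the call presumably succeeds through the ordinary match path and would pass with or without the fix. Pass a blank value instead, `final String returnValue = redirectionUriService.validateRedirectionUri(client, "");`, and keep the `assertEquals(singleRedirectUri, returnValue);` line as it is. A companion case with two registered URIs and a blank redirect_uri, asserting that no default is returned (presumably `assertNull(returnValue)`, as in the test above), would stop the single-item default from silently widening later. The helper `getClientForValidateRedirectionUri_sectorIdentifierBlank_redirectURisNull()` is defined outside the hunk, so its exact client setup is assumed from its name.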
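Review bot: The last hunk flips the installer default `redirectUrisRegexEnabled` from false to true, which the commit subject does not mention and which, judging by the option name, makes registered redirect URIs be treated as patterns rather than exact strings on every new deployment. Exact string comparison is the safer default for redirect URI validation and is what the OAuth 2.0 security guidance recommends, because a loosely written pattern can accept a URI the client never meant to register. Unless the fix actually depends on it, keep `"redirectUrisRegexEnabled": false` in the template and let operators opt in. If it is required, the commit message should say why and state how the patterns are anchored, since the JSON template itself cannot carry a comment.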