From cd876b46e6bbdec865f5cd1cfe40c2f3b2ca293c Mon Sep 17 00:00:00 2001 From: Milton Ch <86965029+Milton-Ch@users.noreply.github.com> Date: Thu, 24 Nov 2022 12:25:48 -0400 Subject: [PATCH] feat(jans-auth-server): remove redirect uri on client registration when grant types is password or client credentials (#3076) --- .../RegistrationRestWebServiceHttpTest.java | 32 +++++++++++++++++++ .../registration/RegisterParamsValidator.java | 10 ++++-- 2 files changed, 40 insertions(+), 2 deletions(-) diff --git a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/RegistrationRestWebServiceHttpTest.java b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/RegistrationRestWebServiceHttpTest.java index a2b35831593..89819cb6421 100644 --- a/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/RegistrationRestWebServiceHttpTest.java +++ b/jans-auth-server/client/src/test/java/io/jans/as/client/ws/rs/RegistrationRestWebServiceHttpTest.java @@ -568,6 +568,38 @@ public void registerWithHttpFail(final String redirectUris) throws Exception { assertNotNull(response.getErrorDescription()); } + @Test + public void registerGrantPasswordRedirectUriNull() { + showTitle("registerGrantPasswordRedirectUriNull"); + + RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "Test client with grant password redirect uri null", null); + registerRequest.setGrantTypes(Collections.singletonList(RESOURCE_OWNER_PASSWORD_CREDENTIALS)); + registerRequest.setResponseTypes(Collections.singletonList(CODE)); + + RegisterClient registerClient = new RegisterClient(registrationEndpoint); + registerClient.setRequest(registerRequest); + RegisterResponse response = registerClient.exec(); + + showClient(registerClient); + AssertBuilder.registerResponse(response).created().check(); + } + + @Test + public void registerGrantClientCredentialsRedirectUriEmpty() { + showTitle("registerGrantClientCredentialsRedirectUriEmpty"); + + RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "Test client with grant client_credentials redirect uri empty", Collections.emptyList()); + registerRequest.setGrantTypes(Collections.singletonList(CLIENT_CREDENTIALS)); + registerRequest.setResponseTypes(Collections.singletonList(CODE)); + + RegisterClient registerClient = new RegisterClient(registrationEndpoint); + registerClient.setRequest(registerRequest); + RegisterResponse response = registerClient.exec(); + + showClient(registerClient); + AssertBuilder.registerResponse(response).created().check(); + } + @Parameters({"redirectUris"}) @Test public void deleteClient(final String redirectUris) throws Exception { diff --git a/jans-auth-server/server/src/main/java/io/jans/as/server/model/registration/RegisterParamsValidator.java b/jans-auth-server/server/src/main/java/io/jans/as/server/model/registration/RegisterParamsValidator.java index f47bd2ae5c1..30c011cacab 100644 --- a/jans-auth-server/server/src/main/java/io/jans/as/server/model/registration/RegisterParamsValidator.java +++ b/jans-auth-server/server/src/main/java/io/jans/as/server/model/registration/RegisterParamsValidator.java @@ -80,7 +80,10 @@ public Pair validateParamsClientRegister( if (grantTypes != null && (grantTypes.contains(GrantType.AUTHORIZATION_CODE) || grantTypes.contains(GrantType.IMPLICIT) - || (responseTypes.contains(ResponseType.CODE) && !grantTypes.contains(GrantType.DEVICE_CODE)) + || (responseTypes.contains(ResponseType.CODE) && ( + !grantTypes.contains(GrantType.DEVICE_CODE) && + !grantTypes.contains(GrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS) && + !grantTypes.contains(GrantType.CLIENT_CREDENTIALS))) || responseTypes.contains(ResponseType.TOKEN) || responseTypes.contains(ResponseType.ID_TOKEN))) { if (redirectUris == null || redirectUris.isEmpty()) { return new Pair<>(false, "Redirect uris are empty."); @@ -284,7 +287,10 @@ public boolean validateRedirectUris(List grantTypes, List