AntPathRedirectResolver.java example

Explorer
uaa-master
/*
 * *****************************************************************************
 *      Cloud Foundry
 *      Copyright (c) [2009-2015] Pivotal Software, Inc. All Rights Reserved.
 *
 *      This product is licensed to you under the Apache License, Version 2.0 (the "License").
 *      You may not use this product except in compliance with the License.
 *
 *      This product includes a number of subcomponents with
 *      separate copyright notices and license terms. Your use of these
 *      subcomponents is subject to the terms and conditions of the
 *      subcomponent's license, as noted in the LICENSE file.
 * *****************************************************************************
 */

package org.cloudfoundry.identity.uaa.oauth;

import org.cloudfoundry.identity.uaa.util.UaaUrlUtils;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.endpoint.DefaultRedirectResolver;
import org.springframework.util.AntPathMatcher;

import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;

import static java.util.Collections.emptySet;
import static java.util.Optional.ofNullable;

public class AntPathRedirectResolver extends DefaultRedirectResolver {


    @Override
    protected boolean redirectMatches(String requestedRedirect, String redirectUri) {
        AntPathMatcher matcher = new AntPathMatcher("/");
        if (redirectUri!=null &&
            redirectUri.contains("*") &&
            matcher.match(redirectUri, requestedRedirect)) {
            return true;
        } else {
            return super.redirectMatches(requestedRedirect, redirectUri);
        }
    }

    @Override
    public String resolveRedirect(String requestedRedirect, ClientDetails client) throws OAuth2Exception {
        Set<String> registeredRedirectUris = ofNullable(client.getRegisteredRedirectUri()).orElse(emptySet());
        if (registeredRedirectUris.size()==0) {
            throw new RedirectMismatchException("Client registration is missing redirect_uri");
        }
        List<String> invalidUrls = registeredRedirectUris.stream().filter(url -> !UaaUrlUtils.isValidRegisteredRedirectUrl(url)).collect(Collectors.toList());
        if (invalidUrls.size()>0) {
                throw new RedirectMismatchException("Client registration contains invalid redirect_uri: " + invalidUrls);
        }
        return super.resolveRedirect(requestedRedirect, client);
    }
}