github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

count really weird URIs as "custom scheme"

pull/1046/head
Justin Richer 2016-03-10 12:50:47 -05:00
parent 60faf96e00
commit 49a8848648
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java
View File

@ -287,13 +287,16 @@ public class DefaultOAuth2ClientDetailsEntityService implements ClientDetailsEnt
}
// make sure our redirect URIs each fit one of the allowed categories
if (client.getRedirectUris() != null) {
if (client.getRedirectUris() != null && !client.getRedirectUris().isEmpty()) {
boolean localhost = false;
boolean remoteHttps = false;
boolean customScheme = false;
for (String uri : client.getRedirectUris()) {
UriComponents components = UriComponentsBuilder.fromUriString(uri).build();
if (components.getScheme().equals("http")) {
if (components.getScheme() == null) {
// this is a very unknown redirect URI
customScheme = true;
} else if (components.getScheme().equals("http")) {
// http scheme, check for localhost
if (components.getHost().equals("localhost") || components.getHost().equals("127.0.0.1")) {
localhost = true;