github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

always perform strict redirect URI matches in HEART mode

pull/1046/head
Justin Richer 2016-02-24 13:09:00 -05:00
parent fa4ed7ea06
commit 5bccb602d8
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/BlacklistAwareRedirectResolver.java
View File

@ -19,6 +19,7 @@
*/
package org.mitre.oauth2.service.impl;
import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
import org.mitre.openid.connect.service.BlacklistedSiteService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.common.exceptions.InvalidRequestException;
@ -43,6 +44,9 @@ public class BlacklistAwareRedirectResolver extends DefaultRedirectResolver {
@Autowired
private BlacklistedSiteService blacklistService;
@Autowired
private ConfigurationPropertiesBean config;
private boolean strictMatch = false;
/* (non-Javadoc)
@ -80,8 +84,13 @@ public class BlacklistAwareRedirectResolver extends DefaultRedirectResolver {
* @return the strictMatch
*/
public boolean isStrictMatch() {
if (config.isHeartMode()) {
// HEART mode enforces strict matching
return true;
} else {
return strictMatch;
}
}
/**
* Set this to true to require exact string matches for all redirect URIs. (Default is false)