allow multiple redirect uris per client

2026-03-21 16:50:01 +01:00 · 2023-09-25 15:24:32 +02:00
parent c02f950c33
commit 1e615b2566
5 changed files with 16 additions and 10 deletions
--- a/src/main/java/com/ysoft/geecon/dto/OAuthClient.java
+++ b/src/main/java/com/ysoft/geecon/dto/OAuthClient.java
@@ -1,10 +1,11 @@
 package com.ysoft.geecon.dto;

+import java.util.List;
 import java.util.Objects;

-public record OAuthClient(String clientId, String description, String clientSecret, String redirectUri) {
+public record OAuthClient(String clientId, String description, String clientSecret, List<String> redirectUris) {
    public boolean validateRedirectUri(String redirectUri) {
-        return this.redirectUri != null && this.redirectUri.equals(redirectUri);
+        return this.redirectUris != null && this.redirectUris.contains(redirectUri);
    }

    public boolean validateSecret(String clientSecret) {
--- a/src/main/java/com/ysoft/geecon/repo/ClientsRepo.java
+++ b/src/main/java/com/ysoft/geecon/repo/ClientsRepo.java
@@ -5,6 +5,7 @@ import com.ysoft.geecon.dto.OAuthClient;
 import jakarta.enterprise.context.ApplicationScoped;

 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 import java.util.Optional;

@@ -13,11 +14,15 @@ public class ClientsRepo {
    private final Map<String, OAuthClient> clients = new HashMap<>();

    public ClientsRepo() {
-        register(new OAuthClient("my-public-client", "Example public client", null, "https://localhost:8888/oauth_success"));
-        register(new OAuthClient("oauthdebugger", "Example public client", null, "https://oauthdebugger.com/debug"));
+        register(new OAuthClient("my-public-client", "Example public client", null,
+                List.of("https://localhost:8888/oauth_success")));
+        register(new OAuthClient("oauthdebugger", "Example public client", null,
+                List.of("https://oauthdebugger.com/debug")));

-        register(new OAuthClient("oauth-playground", "OAuth playground", null, "https://oauth-playground.online/flow/code-2"));
-        register(new OAuthClient("oauth-playground-localhost", "OAuth playground", null, "http://localhost:5555/flow/code-2"));
+        register(new OAuthClient("oauth-playground", "OAuth playground", null,
+                List.of("https://oauth-playground.online/flow/code-2", "https://oauth-playground.online/flow/pkce-3")));
+        register(new OAuthClient("oauth-playground-localhost", "OAuth playground", null,
+                List.of("http://localhost:5555/flow/code-2", "http://localhost:5555/flow/pkce-2")));
    }

    public Optional<OAuthClient> getClient(String clientId) {
--- a/src/test/java/com/ysoft/geecon/AuthCodeGrantTest.java
+++ b/src/test/java/com/ysoft/geecon/AuthCodeGrantTest.java
@@ -25,7 +25,7 @@ import static org.hamcrest.MatcherAssert.assertThat;

@QuarkusTest
 public class AuthCodeGrantTest {
-    public static final OAuthClient CLIENT = new OAuthClient("myclient", "", null, "https://myserver:8888/success");
+    public static final OAuthClient CLIENT = new OAuthClient("myclient", "", null, List.of("https://myserver:8888/success"));
    @Inject
    ClientsRepo clientsRepo;
    @Inject
--- a/src/test/java/com/ysoft/geecon/helpers/AuthorizationCodeFlow.java
+++ b/src/test/java/com/ysoft/geecon/helpers/AuthorizationCodeFlow.java
@@ -36,7 +36,7 @@ public class AuthorizationCodeFlow {

        query = new HashMap<>();
        query.put("client_id", client.clientId());
-        query.put("redirect_uri", client.redirectUri());
+        query.put("redirect_uri", client.redirectUris().get(0));
        query.put("state", state);
    }

@@ -79,7 +79,7 @@ public class AuthorizationCodeFlow {

    private Map<String, String> expectRedirect(Connection.Response response) {
        assertThat(response.statusCode(), is(303));
-        assertThat(response.header("location"), startsWith(client.redirectUri()));
+        assertThat(response.header("location"), startsWith(client.redirectUris().get(0)));

        URI location = URI.create(Objects.requireNonNull(response.header("location")));
        Map<String, String> query = URLEncodedUtils.parse(location.getQuery(), Charset.defaultCharset())
--- a/src/test/java/com/ysoft/geecon/helpers/TokenEndpointCall.java
+++ b/src/test/java/com/ysoft/geecon/helpers/TokenEndpointCall.java
@@ -26,7 +26,7 @@ public class TokenEndpointCall {

    public TokenEndpointCall authorizationCode(String code, String codeVerifier) {
        tokenForm.put("grant_type", "authorization_code");
-        tokenForm.put("redirect_uri", client.redirectUri());
+        tokenForm.put("redirect_uri", client.redirectUris().get(0));
        tokenForm.put("code", code);
        if (codeVerifier != null) {
            tokenForm.put("code_verifier", codeVerifier);