Interface ClientRedirectService
- All Known Implementing Classes:
DefaultClientRedirectService
public interface ClientRedirectService
Service used for returning redirects for a client and/or server
- Author:
- Jay Aisenbrey (cja769)
-
Method Summary
Modifier and TypeMethodDescriptiongetDefaultRedirectUrlForClientId
(String clientId) Used for returning the default redirect URL for the provided clientboolean
isValidPostAuthenticationSuccessUrl
(String requestedRedirectUrl, AuthorizedClient authorizedClient) Similar toisValidPostAuthenticationSuccessUrl(String, String)
, but takes a pre-providedAuthorizedClient
for performing the validation.boolean
isValidPostAuthenticationSuccessUrl
(String requestedRedirectUrl, String clientId) Checks if the givenrequestedRedirectUrl
is valid when compared toAuthorizedClient.getPostAuthenticationSuccessRedirectUris()
.
-
Method Details
-
getDefaultRedirectUrlForClientId
Used for returning the default redirect URL for the provided client- Parameters:
clientId
- The String id of the client to resolve the redirect URL for- Returns:
- The default redirect URL for the given client, if exists, or null
-
isValidPostAuthenticationSuccessUrl
Checks if the givenrequestedRedirectUrl
is valid when compared toAuthorizedClient.getPostAuthenticationSuccessRedirectUris()
.By default, the validation is an exact match. If given a relative input, it must exactly match an existing relative whitelist value. If given an absolute input, it must exactly match an existing absolute whitelist value. Request parameters must also be an exact match.
Notably, at this time, Broadleaf does not use this method for redirects after standard login operations.
- Parameters:
requestedRedirectUrl
- The URL to check. Can be absolute or relative.clientId
- The id of theAuthorizedClient
to use for validating the URL- Returns:
- True if the requested URL matches a value in
AuthorizedClient.getPostAuthenticationSuccessRedirectUris()
, false otherwise - See Also:
-
isValidPostAuthenticationSuccessUrl
boolean isValidPostAuthenticationSuccessUrl(String requestedRedirectUrl, AuthorizedClient authorizedClient) Similar toisValidPostAuthenticationSuccessUrl(String, String)
, but takes a pre-providedAuthorizedClient
for performing the validation.- Parameters:
requestedRedirectUrl
- The URL to check. Can be absolute or relative.authorizedClient
- TheAuthorizedClient
to use for validating the URL- Returns:
- True if the requested URL matches a value in
AuthorizedClient.getPostAuthenticationSuccessRedirectUris()
, false otherwise - See Also:
-