Interface ClientRedirectService
- All Known Implementing Classes:
DefaultClientRedirectService
public interface ClientRedirectService
Service used for returning redirects for a client and/or server
- Author:
- Jay Aisenbrey (cja769)
-
Method Summary
Modifier and TypeMethodDescriptiongetDefaultRedirectUrlForClientId(String clientId) Used for returning the default redirect URL for the provided clientbooleanisValidPostAuthenticationSuccessUrl(String requestedRedirectUrl, AuthorizedClient authorizedClient) Similar toisValidPostAuthenticationSuccessUrl(String, String), but takes a pre-providedAuthorizedClientfor performing the validation.booleanisValidPostAuthenticationSuccessUrl(String requestedRedirectUrl, String clientId) Checks if the givenrequestedRedirectUrlis valid when compared toAuthorizedClient.getPostAuthenticationSuccessRedirectUris().
-
Method Details
-
getDefaultRedirectUrlForClientId
Used for returning the default redirect URL for the provided client- Parameters:
clientId- The String id of the client to resolve the redirect URL for- Returns:
- The default redirect URL for the given client, if exists, or null
-
isValidPostAuthenticationSuccessUrl
Checks if the givenrequestedRedirectUrlis valid when compared toAuthorizedClient.getPostAuthenticationSuccessRedirectUris().By default, the validation is an exact match. If given a relative input, it must exactly match an existing relative whitelist value. If given an absolute input, it must exactly match an existing absolute whitelist value. Request parameters must also be an exact match.
Notably, at this time, Broadleaf does not use this method for redirects after standard login operations.
- Parameters:
requestedRedirectUrl- The URL to check. Can be absolute or relative.clientId- The id of theAuthorizedClientto use for validating the URL- Returns:
- True if the requested URL matches a value in
AuthorizedClient.getPostAuthenticationSuccessRedirectUris(), false otherwise - See Also:
-
isValidPostAuthenticationSuccessUrl
boolean isValidPostAuthenticationSuccessUrl(String requestedRedirectUrl, AuthorizedClient authorizedClient) Similar toisValidPostAuthenticationSuccessUrl(String, String), but takes a pre-providedAuthorizedClientfor performing the validation.- Parameters:
requestedRedirectUrl- The URL to check. Can be absolute or relative.authorizedClient- TheAuthorizedClientto use for validating the URL- Returns:
- True if the requested URL matches a value in
AuthorizedClient.getPostAuthenticationSuccessRedirectUris(), false otherwise - See Also:
-