Package com.broadleafcommerce.auth.server.service

Class DefaultClientRedirectService

java.lang.Object

com.broadleafcommerce.auth.server.service.DefaultClientRedirectService

All Implemented Interfaces:

ClientRedirectService

public class DefaultClientRedirectService
extends Object
implements ClientRedirectService

Constructor Summary

Constructors

Constructor	Description
DefaultClientRedirectService(AuthorizedClientService<AuthorizedClient> clientService, AuthorizationServerService<AuthorizationServer> serverService)

Method Summary

Modifier and Type	Method	Description
protected AuthorizedClientService<AuthorizedClient>	getClientService()
String	getDefaultRedirectUrlForClientId(String clientId)	Used for returning the default redirect URL for the provided client
protected Stream<org.springframework.web.util.UriComponents>	getPostAuthenticationSuccessRedirectUriComponents(AuthorizedClient authorizedClient)
protected AuthorizationServerService<AuthorizationServer>	getServerService()
boolean	isValidPostAuthenticationSuccessUrl(String requestedRedirectUrl, AuthorizedClient authorizedClient)	Similar to ClientRedirectService.isValidPostAuthenticationSuccessUrl(String, String), but takes a pre-provided AuthorizedClient for performing the validation.
boolean	isValidPostAuthenticationSuccessUrl(String requestedRedirectUrl, String clientId)	Checks if the given requestedRedirectUrl is valid when compared to AuthorizedClient.getPostAuthenticationSuccessRedirectUris().
protected boolean	isValidPostAuthenticationSuccessUrlInternal(String requestedRedirectUrl, Supplier<AuthorizedClient> authorizedClientSupplier)
protected boolean	matchesWhitelistedPostAuthenticationSuccessRedirectUri(org.springframework.web.util.UriComponents requested, org.springframework.web.util.UriComponents whitelisted)
protected boolean	pathsEqual(org.springframework.web.util.UriComponents uri1, org.springframework.web.util.UriComponents uri2)
protected boolean	queryParamsMatch(org.springframework.web.util.UriComponents requested, org.springframework.web.util.UriComponents whitelisted)	Checks whether the query params in the requested redirect URI matches the ones specified in the whitelisted redirect URI.
protected String	stripTrailingSlashIfPresent(String input)
protected org.springframework.web.util.UriComponents	toUriComponents(String uri)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

DefaultClientRedirectService

public DefaultClientRedirectService(AuthorizedClientService<AuthorizedClient> clientService,
 AuthorizationServerService<AuthorizationServer> serverService)

Method Details

getDefaultRedirectUrlForClientId

@Nullable
public String getDefaultRedirectUrlForClientId(String clientId)

Description copied from interface: ClientRedirectService

Used for returning the default redirect URL for the provided client

Specified by:

getDefaultRedirectUrlForClientId in interface ClientRedirectService

Parameters:

clientId - The String id of the client to resolve the redirect URL for

Returns:

The default redirect URL for the given client, if exists, or null

isValidPostAuthenticationSuccessUrl

public boolean isValidPostAuthenticationSuccessUrl(String requestedRedirectUrl,
 String clientId)

Description copied from interface: ClientRedirectService

Checks if the given requestedRedirectUrl is valid when compared to AuthorizedClient.getPostAuthenticationSuccessRedirectUris().

By default, the validation is an exact match. If given a relative input, it must exactly match an existing relative whitelist value. If given an absolute input, it must exactly match an existing absolute whitelist value. Request parameters must also be an exact match.

Notably, at this time, Broadleaf does not use this method for redirects after standard login operations.

Specified by:

isValidPostAuthenticationSuccessUrl in interface ClientRedirectService

Parameters:

requestedRedirectUrl - The URL to check. Can be absolute or relative.

clientId - The id of the AuthorizedClient to use for validating the URL

Returns:

True if the requested URL matches a value in AuthorizedClient.getPostAuthenticationSuccessRedirectUris(), false otherwise

See Also:

• ClientRedirectService.isValidPostAuthenticationSuccessUrl(String, AuthorizedClient)

isValidPostAuthenticationSuccessUrl

public boolean isValidPostAuthenticationSuccessUrl(String requestedRedirectUrl,
 AuthorizedClient authorizedClient)

Description copied from interface: ClientRedirectService

Similar to ClientRedirectService.isValidPostAuthenticationSuccessUrl(String, String), but takes a pre-provided AuthorizedClient for performing the validation.

Specified by:

isValidPostAuthenticationSuccessUrl in interface ClientRedirectService

Parameters:

requestedRedirectUrl - The URL to check. Can be absolute or relative.

authorizedClient - The AuthorizedClient to use for validating the URL

Returns:

True if the requested URL matches a value in AuthorizedClient.getPostAuthenticationSuccessRedirectUris(), false otherwise

See Also:

• ClientRedirectService.isValidPostAuthenticationSuccessUrl(String, String)

isValidPostAuthenticationSuccessUrlInternal

protected boolean isValidPostAuthenticationSuccessUrlInternal(String requestedRedirectUrl,
 Supplier<AuthorizedClient> authorizedClientSupplier)

getPostAuthenticationSuccessRedirectUriComponents

protected Stream<org.springframework.web.util.UriComponents> getPostAuthenticationSuccessRedirectUriComponents(AuthorizedClient authorizedClient)

toUriComponents

@Nullable
protected org.springframework.web.util.UriComponents toUriComponents(String uri)

matchesWhitelistedPostAuthenticationSuccessRedirectUri

protected boolean matchesWhitelistedPostAuthenticationSuccessRedirectUri(org.springframework.web.util.UriComponents requested,
 org.springframework.web.util.UriComponents whitelisted)

queryParamsMatch

protected boolean queryParamsMatch(org.springframework.web.util.UriComponents requested,
 org.springframework.web.util.UriComponents whitelisted)

Checks whether the query params in the requested redirect URI matches the ones specified in the whitelisted redirect URI.

This checks that all the parameters specified in the whitelisted URI are present and match the expected values. Any additional params or param values in the requested URI are ignored as long as the required ones are present. For example, if the whitelisted URI has ?param1=value1 then this requested URI will pass ?param1=value1,value2&param2=otherValue. However, this URI will not pass: ?param1=value2.

Parameters:

requested - The requested URI to redirect to

whitelisted - One of the whitelisted redirect URIs

Returns:

Whether requested matches whitelisted.

pathsEqual

protected boolean pathsEqual(org.springframework.web.util.UriComponents uri1,
 org.springframework.web.util.UriComponents uri2)

stripTrailingSlashIfPresent

protected String stripTrailingSlashIfPresent(String input)

getClientService

protected AuthorizedClientService<AuthorizedClient> getClientService()

getServerService

protected AuthorizationServerService<AuthorizationServer> getServerService()