Repository: cxf-fediz Updated Branches: refs/heads/master 485b96744 -> 10b9246ae
Support for more involved client webapps with multiple redirect points Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/10b9246a Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/10b9246a Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/10b9246a Branch: refs/heads/master Commit: 10b9246ae1221997799dcdc44a4981264cf5e630 Parents: 485b967 Author: Sergey Beryozkin <sberyoz...@gmail.com> Authored: Fri Jan 29 12:35:19 2016 +0000 Committer: Sergey Beryozkin <sberyoz...@gmail.com> Committed: Fri Jan 29 12:35:19 2016 +0000 ---------------------------------------------------------------------- .../service/oidc/ClientRegistrationService.java | 30 +++++++++++--------- 1 file changed, 17 insertions(+), 13 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/10b9246a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java ---------------------------------------------------------------------- diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java index 351b922..733f7ea 100644 --- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java +++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java @@ -23,7 +23,6 @@ import java.net.URI; import java.net.URISyntaxException; import java.util.ArrayList; import java.util.Collection; -import java.util.Collections; import java.util.HashSet; import java.util.Iterator; import java.util.LinkedHashMap; @@ -211,10 +210,6 @@ public class ClientRegistrationService { if (!("confidential".equals(appType) || "public".equals(appType))) { throw new InvalidRegistrationException("An invalid client type was specified: " + appType); } - //TODO: support multiple redirect URIs - if (redirectURI != null && !"".equals(redirectURI) && !isValidURI(redirectURI, false)) { - throw new InvalidRegistrationException("An invalid redirect URI was specified: " + redirectURI); - } String clientId = generateClientId(); boolean isConfidential = "confidential".equals(appType); @@ -225,7 +220,17 @@ public class ClientRegistrationService { FedizClient newClient = new FedizClient(clientId, clientSecret, isConfidential, appName); newClient.setHomeRealm(homeRealm); if (!StringUtils.isEmpty(redirectURI)) { - newClient.setRedirectUris(Collections.singletonList(redirectURI)); + String[] allUris = redirectURI.trim().split(" "); + List<String> redirectUris = new LinkedList<String>(); + for (String uri : allUris) { + if (!StringUtils.isEmpty(uri)) { + if (!isValidURI(uri, false)) { + throw new InvalidRegistrationException("An invalid redirect URI was specified: " + uri); + } + redirectUris.add(uri); + } + } + newClient.setRedirectUris(redirectUris); } String userName = sc.getUserPrincipal().getName(); UserSubject userSubject = new UserSubject(userName); @@ -241,15 +246,14 @@ public class ClientRegistrationService { String[] auds = audience.trim().split(" "); List<String> registeredAuds = new LinkedList<String>(); for (String aud : auds) { - // make sure it is a proper URI - if (!"".equals(aud) && !isValidURI(aud, true)) { - throw new InvalidRegistrationException("An invalid audience URI was specified: " + aud); + if (!StringUtils.isEmpty(aud)) { + if (!isValidURI(aud, true)) { + throw new InvalidRegistrationException("An invalid audience URI was specified: " + aud); + } + registeredAuds.add(aud); } - registeredAuds.add(aud); - } - if (!registeredAuds.isEmpty()) { - newClient.setRegisteredAudiences(registeredAuds); } + newClient.setRegisteredAudiences(registeredAuds); } return registerNewClient(newClient);