From eca2b67137181705fdbd2d2947d82ad271b92091 Mon Sep 17 00:00:00 2001
From: Joe Grandja <jgrandja@pivotal.io>
Date: Thu, 5 Oct 2017 20:35:51 -0400
Subject: [PATCH] ClientRegistration supports 'baseUrl' uri variable

Fixes gh-4589
---
 .../client/web/AuthorizationCodeRequestRedirectFilter.java    | 4 ++--
 .../src/main/resources/META-INF/oauth2-clients-defaults.yml   | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java
index c49706d4ad..273d46e454 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java
@@ -160,14 +160,14 @@ public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter
 		uriVariables.put("contextPath", request.getContextPath());
 		uriVariables.put("registrationId", clientRegistration.getRegistrationId());
 
-		String baseRedirectUrl = UriComponentsBuilder.newInstance()
+		String baseUrl = UriComponentsBuilder.newInstance()
 			.scheme(request.getScheme())
 			.host(request.getServerName())
 			.port(request.getServerPort())
 			.path(request.getContextPath())
 			.build()
 			.toUriString();
-		uriVariables.put("baseRedirectUrl", baseRedirectUrl);
+		uriVariables.put("baseUrl", baseUrl);
 
 		return UriComponentsBuilder.fromUriString(clientRegistration.getRedirectUri())
 			.buildAndExpand(uriVariables)
diff --git a/samples/boot/oauth2login/src/main/resources/META-INF/oauth2-clients-defaults.yml b/samples/boot/oauth2login/src/main/resources/META-INF/oauth2-clients-defaults.yml
index ed5dbdefde..09ffacb54b 100644
--- a/samples/boot/oauth2login/src/main/resources/META-INF/oauth2-clients-defaults.yml
+++ b/samples/boot/oauth2login/src/main/resources/META-INF/oauth2-clients-defaults.yml
@@ -5,7 +5,7 @@ security:
         google:
           client-authentication-method: basic
           authorization-grant-type: authorization_code
-          redirect-uri: "{scheme}://{serverName}:{serverPort}{contextPath}/oauth2/authorize/code/{registrationId}"
+          redirect-uri: "{baseUrl}/oauth2/authorize/code/{registrationId}"
           scope: openid, profile, email, address, phone
           authorization-uri: "https://accounts.google.com/o/oauth2/v2/auth"
           token-uri: "https://www.googleapis.com/oauth2/v4/token"
@@ -16,7 +16,7 @@ security:
         github:
           client-authentication-method: basic
           authorization-grant-type: authorization_code
-          redirect-uri: "{baseRedirectUrl}/oauth2/authorize/code/{registrationId}"
+          redirect-uri: "{baseUrl}/oauth2/authorize/code/{registrationId}"
           scope: user
           authorization-uri: "https://github.com/login/oauth/authorize"
           token-uri: "https://github.com/login/oauth/access_token"