From fb57111ecd29b6153917d74162619b357a33c27c Mon Sep 17 00:00:00 2001 From: Joe Grandja Date: Mon, 2 Oct 2017 15:29:03 -0400 Subject: [PATCH] redirect-uri property supports 'baseRedirectUrl' uri variable Fixes gh-4589 --- .../spring-security-oauth2-client-templates.properties | 2 +- .../web/AuthorizationCodeRequestRedirectFilter.java | 9 +++++++++ .../main/resources/META-INF/oauth2-clients-defaults.yml | 2 +- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/config/src/main/resources/org/springframework/security/config/oauth2/client/spring-security-oauth2-client-templates.properties b/config/src/main/resources/org/springframework/security/config/oauth2/client/spring-security-oauth2-client-templates.properties index b5ddea8857..7bf434fc80 100644 --- a/config/src/main/resources/org/springframework/security/config/oauth2/client/spring-security-oauth2-client-templates.properties +++ b/config/src/main/resources/org/springframework/security/config/oauth2/client/spring-security-oauth2-client-templates.properties @@ -13,7 +13,7 @@ spring.security.oauth2.client.templates.google.client-alias=google # GitHub spring.security.oauth2.client.templates.github.client-authentication-method=basic spring.security.oauth2.client.templates.github.authorization-grant-type=authorization_code -spring.security.oauth2.client.templates.github.redirect-uri={scheme}://{serverName}:{serverPort}{contextPath}/oauth2/authorize/code/{registrationId} +spring.security.oauth2.client.templates.github.redirect-uri={baseRedirectUrl}/oauth2/authorize/code/{registrationId} spring.security.oauth2.client.templates.github.scope=user spring.security.oauth2.client.templates.github.authorization-uri=https://github.com/login/oauth/authorize spring.security.oauth2.client.templates.github.token-uri=https://github.com/login/oauth/access_token diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java index 72e2b82919..da97192a89 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java @@ -160,6 +160,15 @@ public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter uriVariables.put("contextPath", request.getContextPath()); uriVariables.put("registrationId", clientRegistration.getRegistrationId()); + String baseRedirectUrl = UriComponentsBuilder.newInstance() + .scheme(request.getScheme()) + .host(request.getServerName()) + .port(request.getServerPort()) + .path(request.getContextPath()) + .build() + .toUriString(); + uriVariables.put("baseRedirectUrl", baseRedirectUrl); + return UriComponentsBuilder.fromUriString(clientRegistration.getRedirectUri()) .buildAndExpand(uriVariables) .toUriString(); diff --git a/samples/boot/oauth2login/src/main/resources/META-INF/oauth2-clients-defaults.yml b/samples/boot/oauth2login/src/main/resources/META-INF/oauth2-clients-defaults.yml index 223a7bd3ca..32436d4c1e 100644 --- a/samples/boot/oauth2login/src/main/resources/META-INF/oauth2-clients-defaults.yml +++ b/samples/boot/oauth2login/src/main/resources/META-INF/oauth2-clients-defaults.yml @@ -15,7 +15,7 @@ security: github: client-authentication-method: basic authorization-grant-type: authorization_code - redirect-uri: "{scheme}://{serverName}:{serverPort}{contextPath}/oauth2/authorize/code/{registrationId}" + redirect-uri: "{baseRedirectUrl}/oauth2/authorize/code/{registrationId}" scope: user authorization-uri: "https://github.com/login/oauth/authorize" token-uri: "https://github.com/login/oauth/access_token"