Merge pull request keycloak#1994 from stianst/KEYCLOAK-2259
KEYCLOAK-2259
stianst committed Jan 8, 2016
2 parents 0985d3c + ddd99c2 commit ecd3101
Showing 2 changed files with 39 additions and 0 deletions.
@@ -63,6 +63,8 @@ private static String verifyRedirectUri(UriInfo uriInfo, String rootUrl, String
logger.debug("No Redirect URIs supplied");
redirectUri = null;
} else {
redirectUri = lowerCaseHostname(redirectUri);

String r = redirectUri.indexOf('?') != -1 ? redirectUri.substring(0, redirectUri.indexOf('?')) : redirectUri;
Set<String> resolveValidRedirects = resolveValidRedirects(uriInfo, rootUrl, validRedirects);

@@ -96,6 +98,15 @@ private static String verifyRedirectUri(UriInfo uriInfo, String rootUrl, String
}
}

private static String lowerCaseHostname(String redirectUri) {
int n = redirectUri.indexOf('/', 7);
if (n == -1) {
return redirectUri.toLowerCase();
} else {
return redirectUri.substring(0, n).toLowerCase() + redirectUri.substring(n);
}
}

private static String relativeToAbsoluteURI(UriInfo uriInfo, String rootUrl, String relative) {
if (rootUrl == null) {
URI baseUri = uriInfo.getBaseUri();
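Review bot: `lowerCaseHostname` finds the end of the authority with `redirectUri.indexOf('/', 7)`, which only fits the `http://` prefix: for an `https://` URI the slash at index 7 is still part of `//`, so only `https:/` is lowercased and the hostname is left exactly as sent. When there is no slash after index 7 the whole string is lowercased, which also rewrites any query string on a host-only URI (and, it appears, any short relative value), and `toLowerCase()` without a locale depends on the JVM default locale. I would locate the authority from the `://` separator, stop at the first `/`, `?` or `#`, and use `toLowerCase(Locale.ROOT)` (needs `java.util.Locale` in scope), as sketched below; because this feeds redirect-URI validation, the normalisation should touch the scheme and authority only. Most of `verifyRedirectUri` lies outside these hunks, so how the normalised value is used afterwards cannot be confirmed from here.

```java
private static String lowerCaseHostname(String redirectUri) {
    int schemeEnd = redirectUri.indexOf("://");
    // Only normalise when "://" is the first slash, i.e. the value starts with a scheme.
    if (schemeEnd <= 0 || redirectUri.indexOf('/') != schemeEnd + 1) {
        return redirectUri;
    }
    int n = schemeEnd + 3;
    // The authority ends at the first path, query or fragment delimiter.
    while (n < redirectUri.length() && "/?#".indexOf(redirectUri.charAt(n)) == -1) {
        n++;
    }
    return redirectUri.substring(0, n).toLowerCase(Locale.ROOT) + redirectUri.substring(n);
}
```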
@@ -65,8 +65,15 @@ public void config(RealmManager manager, RealmModel adminstrationRealm, RealmMod
ClientModel installedApp3 = KeycloakModelUtils.createClient(appRealm, "test-wildcard");
installedApp3.setEnabled(true);
installedApp3.addRedirectUri("http://example.com/foo/*");
installedApp3.addRedirectUri("http://with-dash.example.com/foo/*");
installedApp3.addRedirectUri("http://localhost:8081/foo/*");
installedApp3.setSecret("password");

ClientModel installedApp4 = KeycloakModelUtils.createClient(appRealm, "test-dash");
installedApp4.setEnabled(true);
installedApp4.addRedirectUri("http://with-dash.example.com");
installedApp4.addRedirectUri("http://with-dash.example.com/foo");
installedApp4.setSecret("password");
}
});

@@ -216,6 +223,27 @@ public void testWildcard() throws IOException {
checkRedirectUri("http://localhost:8081/foobar", false, true);
}

@Test
public void testDash() throws IOException {
oauth.clientId("test-dash");

checkRedirectUri("http://with-dash.example.com/foo", true);
}

@Test
public void testDifferentCaseInHostname() throws IOException {
oauth.clientId("test-dash");

checkRedirectUri("http://with-dash.example.com", true);
checkRedirectUri("http://wiTh-dAsh.example.com", true);
checkRedirectUri("http://with-dash.example.com/foo", true);
checkRedirectUri("http://wiTh-dAsh.example.com/foo", true);
checkRedirectUri("http://with-dash.eXampLe.com/foo", true);
checkRedirectUri("http://wiTh-dAsh.eXampLe.com/foo", true);
checkRedirectUri("http://wiTh-dAsh.eXampLe.com/Foo", false);
checkRedirectUri("http://wiTh-dAsh.eXampLe.com/foO", false);
}

@Test
public void testLocalhost() throws IOException {
oauth.clientId("test-installed");
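Review bot: The new cases in `testDifferentCaseInHostname` only use `http://` URIs with either no path or a `/foo` path, so they would not notice hostname normalisation failing for another scheme or rewriting more than the host. I would register an `https` redirect on the `test-dash` client, e.g. `installedApp4.addRedirectUri("https://with-dash.example.com/foo");`, and add `checkRedirectUri("https://wiTh-dAsh.example.com/foo", true);` plus a host-only case that carries a mixed-case query string. `checkRedirectUri` is defined outside this section, so whether it can assert on the query that comes back is an assumption to confirm.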
