Fix redirect_uri resolver

Closes gh-1012

Author: topiam

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProvider.java

@@ -333,7 +333,7 @@ private static void throwError(OAuth2Error error, String parameterName,
 			OAuth2AuthorizationCodeRequestAuthenticationToken authorizationCodeRequestAuthentication,
 			RegisteredClient registeredClient, OAuth2AuthorizationRequest authorizationRequest) {
 
-		String redirectUri = resolveRedirectUri(authorizationRequest, registeredClient);
+		String redirectUri = resolveRedirectUri(authorizationCodeRequestAuthentication, authorizationRequest, registeredClient);
 		if (error.getErrorCode().equals(OAuth2ErrorCodes.INVALID_REQUEST) &&
 				(parameterName.equals(OAuth2ParameterNames.CLIENT_ID) ||
 						parameterName.equals(OAuth2ParameterNames.STATE))) {
@@ -350,7 +350,11 @@ private static void throwError(OAuth2Error error, String parameterName,
 		throw new OAuth2AuthorizationCodeRequestAuthenticationException(error, authorizationCodeRequestAuthenticationResult);
 	}
 
-	private static String resolveRedirectUri(OAuth2AuthorizationRequest authorizationRequest, RegisteredClient registeredClient) {
+	private static String resolveRedirectUri(OAuth2AuthorizationCodeRequestAuthenticationToken authorizationCodeRequestAuthentication,
+			OAuth2AuthorizationRequest authorizationRequest, RegisteredClient registeredClient) {
+		if (authorizationCodeRequestAuthentication!=null && StringUtils.hasText(authorizationCodeRequestAuthentication.getRedirectUri())){
+			return authorizationCodeRequestAuthentication.getRedirectUri();
+		}
 		if (authorizationRequest != null && StringUtils.hasText(authorizationRequest.getRedirectUri())) {
 			return authorizationRequest.getRedirectUri();
 		}