Skip to content

Commit b6c813c

Browse files
jzheauxjzheaux
committed
ClientRegistrations supports hostnames with underscores
Issue gh-15852
1 parent 3d15be1 commit b6c813c

File tree

2 files changed

+44
-24
lines changed

2 files changed

+44
-24
lines changed

Diff for: oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistrations.java

+32-24
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,6 @@
1717
package org.springframework.security.oauth2.client.registration;
1818

1919
import java.net.URI;
20-
import java.util.Collections;
2120
import java.util.LinkedHashMap;
2221
import java.util.List;
2322
import java.util.Map;
@@ -146,7 +145,7 @@ public static ClientRegistration.Builder fromOidcConfiguration(Map<String, Objec
146145
*/
147146
public static ClientRegistration.Builder fromOidcIssuerLocation(String issuer) {
148147
Assert.hasText(issuer, "issuer cannot be empty");
149-
return getBuilder(issuer, oidc(URI.create(issuer)));
148+
return getBuilder(issuer, oidc(issuer));
150149
}
151150

152151
/**
@@ -189,21 +188,17 @@ public static ClientRegistration.Builder fromOidcIssuerLocation(String issuer) {
189188
*/
190189
public static ClientRegistration.Builder fromIssuerLocation(String issuer) {
191190
Assert.hasText(issuer, "issuer cannot be empty");
192-
URI uri = URI.create(issuer);
193-
return getBuilder(issuer, oidc(uri), oidcRfc8414(uri), oauth(uri));
191+
return getBuilder(issuer, oidc(issuer), oidcRfc8414(issuer), oauth(issuer));
194192
}
195193

196-
private static Supplier<ClientRegistration.Builder> oidc(URI issuer) {
197-
// @formatter:off
198-
URI uri = UriComponentsBuilder.fromUri(issuer)
199-
.replacePath(issuer.getPath() + OIDC_METADATA_PATH)
200-
.build(Collections.emptyMap());
194+
static Supplier<ClientRegistration.Builder> oidc(String issuer) {
195+
UriComponents uri = oidcUri(issuer);
201196
// @formatter:on
202197
return () -> {
203-
RequestEntity<Void> request = RequestEntity.get(uri).build();
198+
RequestEntity<Void> request = RequestEntity.get(uri.toUriString()).build();
204199
Map<String, Object> configuration = rest.exchange(request, typeReference).getBody();
205200
OIDCProviderMetadata metadata = parse(configuration, OIDCProviderMetadata::parse);
206-
ClientRegistration.Builder builder = withProviderConfiguration(metadata, issuer.toASCIIString())
201+
ClientRegistration.Builder builder = withProviderConfiguration(metadata, issuer)
207202
.jwkSetUri(metadata.getJWKSetURI().toASCIIString());
208203
if (metadata.getUserInfoEndpointURI() != null) {
209204
builder.userInfoUri(metadata.getUserInfoEndpointURI().toASCIIString());
@@ -212,35 +207,48 @@ private static Supplier<ClientRegistration.Builder> oidc(URI issuer) {
212207
};
213208
}
214209

215-
private static Supplier<ClientRegistration.Builder> oidcRfc8414(String issuer) {
216-
URI uri = oidcRfc8414Uri(issuer);
210+
static UriComponents oidcUri(String issuer) {
211+
UriComponents uri = UriComponentsBuilder.fromUriString(issuer).build();
212+
// @formatter:off
213+
return UriComponentsBuilder.newInstance().uriComponents(uri)
214+
.replacePath(uri.getPath() + OIDC_METADATA_PATH)
215+
.build();
216+
}
217+
218+
static Supplier<ClientRegistration.Builder> oidcRfc8414(String issuer) {
219+
UriComponents uri = oidcRfc8414Uri(issuer);
220+
// @formatter:on
217221
return getRfc8414Builder(issuer, uri);
218222
}
219223

220-
static URI oidcRfc8414Uri(String issuer) {
224+
static UriComponents oidcRfc8414Uri(String issuer) {
221225
UriComponents uri = UriComponentsBuilder.fromUriString(issuer).build();
222226
// @formatter:off
223227
return UriComponentsBuilder.newInstance().uriComponents(uri)
224228
.replacePath(OIDC_METADATA_PATH + uri.getPath())
225-
.build(Collections.emptyMap());
226-
// @formatter:on
229+
.build();
230+
}
231+
232+
static Supplier<ClientRegistration.Builder> oauth(String issuer) {
233+
UriComponents uri = oauthUri(issuer);
234+
return getRfc8414Builder(issuer, uri);
227235
}
228236

229-
private static Supplier<ClientRegistration.Builder> oauth(URI issuer) {
237+
static UriComponents oauthUri(String issuer) {
238+
UriComponents uri = UriComponentsBuilder.fromUriString(issuer).build();
230239
// @formatter:off
231-
URI uri = UriComponentsBuilder.fromUri(issuer)
232-
.replacePath(OAUTH_METADATA_PATH + issuer.getPath())
233-
.build(Collections.emptyMap());
240+
return UriComponentsBuilder.newInstance().uriComponents(uri)
241+
.replacePath(OAUTH_METADATA_PATH + uri.getPath())
242+
.build();
234243
// @formatter:on
235-
return getRfc8414Builder(issuer, uri);
236244
}
237245

238-
private static Supplier<ClientRegistration.Builder> getRfc8414Builder(URI issuer, URI uri) {
246+
private static Supplier<ClientRegistration.Builder> getRfc8414Builder(String issuer, UriComponents uri) {
239247
return () -> {
240-
RequestEntity<Void> request = RequestEntity.get(uri).build();
248+
RequestEntity<Void> request = RequestEntity.get(uri.toUriString()).build();
241249
Map<String, Object> configuration = rest.exchange(request, typeReference).getBody();
242250
AuthorizationServerMetadata metadata = parse(configuration, AuthorizationServerMetadata::parse);
243-
ClientRegistration.Builder builder = withProviderConfiguration(metadata, issuer.toASCIIString());
251+
ClientRegistration.Builder builder = withProviderConfiguration(metadata, issuer);
244252
URI jwkSetUri = metadata.getJWKSetURI();
245253
if (jwkSetUri != null) {
246254
builder.jwkSetUri(jwkSetUri.toASCIIString());

Diff for: oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationsTests.java

+12
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,7 @@
3434
import org.springframework.http.MediaType;
3535
import org.springframework.security.oauth2.core.AuthorizationGrantType;
3636
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
37+
import org.springframework.web.util.UriComponents;
3738

3839
import static org.assertj.core.api.Assertions.assertThat;
3940
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
@@ -569,6 +570,17 @@ public void issuerWhenOidcConfigurationTlsClientAuthMethodThenSuccess() throws E
569570
.isEqualTo(ClientAuthenticationMethod.CLIENT_SECRET_BASIC);
570571
}
571572

573+
// gh-15852
574+
@Test
575+
public void oidcWhenHostContainsUnderscoreThenRetains() {
576+
UriComponents oidc = ClientRegistrations.oidcUri("https://elated_sutherland:8080/path");
577+
assertThat(oidc.getHost()).isEqualTo("elated_sutherland");
578+
UriComponents oauth = ClientRegistrations.oauthUri("https://elated_sutherland:8080/path");
579+
assertThat(oauth.getHost()).isEqualTo("elated_sutherland");
580+
UriComponents oidcRfc8414 = ClientRegistrations.oidcRfc8414Uri("https://elated_sutherland:8080/path");
581+
assertThat(oidcRfc8414.getHost()).isEqualTo("elated_sutherland");
582+
}
583+
572584
private ClientRegistration.Builder registration(String path) throws Exception {
573585
this.issuer = createIssuerFromServer(path);
574586
this.response.put("issuer", this.issuer);

0 commit comments

Comments
 (0)