Skip to content

Commit a8ab432

Browse files
jzheauxjzheaux
committed
Add placeholders to reactive post_logout_redirect_uri
Now also supports baseScheme, baseHost, basePort, and basePath Issue gh-11229
1 parent ebb5746 commit a8ab432

File tree

2 files changed

+50
-3
lines changed

2 files changed

+50
-3
lines changed

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/web/server/logout/OidcClientInitiatedServerLogoutSuccessHandler.java

Lines changed: 21 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -132,7 +132,19 @@ private String postLogoutRedirectUri(ServerHttpRequest request, ClientRegistrati
132132
.build();
133133

134134
Map<String, String> uriVariables = new HashMap<>();
135+
String scheme = uriComponents.getScheme();
136+
uriVariables.put("baseScheme", (scheme != null) ? scheme : "");
135137
uriVariables.put("baseUrl", uriComponents.toUriString());
138+
139+
String host = uriComponents.getHost();
140+
uriVariables.put("baseHost", (host != null) ? host : "");
141+
142+
String path = uriComponents.getPath();
143+
uriVariables.put("basePath", (path != null) ? path : "");
144+
145+
int port = uriComponents.getPort();
146+
uriVariables.put("basePort", (port == -1) ? "" : ":" + port);
147+
136148
uriVariables.put("registrationId", clientRegistration.getRegistrationId());
137149

138150
return UriComponentsBuilder.fromUriString(this.postLogoutRedirectUri)
@@ -154,8 +166,15 @@ public void setPostLogoutRedirectUri(URI postLogoutRedirectUri) {
154166
}
155167

156168
/**
157-
* Set the post logout redirect uri template to use. Supports the {@code "{baseUrl}"}
158-
* placeholder, for example:
169+
* Set the post logout redirect uri template.
170+
*
171+
* <br />
172+
* The supported uri template variables are: {@code {baseScheme}}, {@code {baseHost}},
173+
* {@code {basePort}} and {@code {basePath}}.
174+
*
175+
* <br />
176+
* <b>NOTE:</b> {@code {baseUrl}} is also supported, which is the same as
177+
* {@code "{baseScheme}://{baseHost}{basePort}{basePath}"}
159178
*
160179
* <pre>
161180
* handler.setPostLogoutRedirectUri("{baseUrl}");

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/oidc/web/server/logout/OidcClientInitiatedServerLogoutSuccessHandlerTests.java

Lines changed: 29 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -135,7 +135,7 @@ public void logoutWhenUsingPostLogoutRedirectUriThenIncludesItInRedirect() {
135135
}
136136

137137
@Test
138-
public void logoutWhenUsingPostLogoutRedirectUriTemplateThenBuildsItForRedirect()
138+
public void logoutWhenUsingPostLogoutBaseUrlRedirectUriTemplateThenBuildsItForRedirect()
139139
throws IOException, ServletException {
140140
OAuth2AuthenticationToken token = new OAuth2AuthenticationToken(TestOidcUsers.create(),
141141
AuthorityUtils.NO_AUTHORITIES, this.registration.getRegistrationId());
@@ -162,6 +162,34 @@ public void logoutWhenUsingPostLogoutRedirectUriWithQueryParametersThenBuildsItF
162162
+ "post_logout_redirect_uri=https://rp.example.org/context?forwardUrl%3Dsecured%253Fparam%253Dtrue");
163163
}
164164

165+
@Test
166+
public void logoutWhenUsingPostLogoutRedirectUriTemplateThenBuildsItForRedirect() {
167+
OAuth2AuthenticationToken token = new OAuth2AuthenticationToken(TestOidcUsers.create(),
168+
AuthorityUtils.NO_AUTHORITIES, this.registration.getRegistrationId());
169+
given(this.exchange.getPrincipal()).willReturn(Mono.just(token));
170+
MockServerHttpRequest request = MockServerHttpRequest.get("https://rp.example.org/").build();
171+
given(this.exchange.getRequest()).willReturn(request);
172+
WebFilterExchange f = new WebFilterExchange(this.exchange, this.chain);
173+
this.handler.setPostLogoutRedirectUri("{baseScheme}://{baseHost}{basePort}{basePath}");
174+
this.handler.onLogoutSuccess(f, token).block();
175+
assertThat(redirectedUrl(this.exchange)).isEqualTo(
176+
"https://endpoint?" + "id_token_hint=id-token&" + "post_logout_redirect_uri=https://rp.example.org");
177+
}
178+
179+
@Test
180+
public void logoutWhenUsingPostLogoutRedirectUriTemplateWithOtherPortThenBuildsItForRedirect() {
181+
OAuth2AuthenticationToken token = new OAuth2AuthenticationToken(TestOidcUsers.create(),
182+
AuthorityUtils.NO_AUTHORITIES, this.registration.getRegistrationId());
183+
given(this.exchange.getPrincipal()).willReturn(Mono.just(token));
184+
MockServerHttpRequest request = MockServerHttpRequest.get("https://rp.example.org:400").build();
185+
given(this.exchange.getRequest()).willReturn(request);
186+
WebFilterExchange f = new WebFilterExchange(this.exchange, this.chain);
187+
this.handler.setPostLogoutRedirectUri("{baseScheme}://{baseHost}{basePort}{basePath}");
188+
this.handler.onLogoutSuccess(f, token).block();
189+
assertThat(redirectedUrl(this.exchange)).isEqualTo("https://endpoint?" + "id_token_hint=id-token&"
190+
+ "post_logout_redirect_uri=https://rp.example.org:400");
191+
}
192+
165193
@Test
166194
public void logoutWhenUsingPostLogoutRedirectUriTemplateThenBuildsItForRedirectExpanded()
167195
throws IOException, ServletException {

0 commit comments

Comments
 (0)