admin/JustAuth
1
0
Fork 0
mirror of https://gitee.com/yadong.zhang/JustAuth.git synced 2025-12-07 01:08:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

增加忽略校验 redirectUri 的配置

Browse Source
This commit is contained in:
yadong.zhang 2021-04-09 08:33:21 +08:00
parent ec4c009ed8
commit f44ceeeeeb
2 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/main/java/me/zhyd/oauth/config/AuthConfig.java
View File

@ -155,6 +155,13 @@ public class AuthConfig {
* @since 1.16.0 * @since 1.16.0
*/ */
private String authServerId; private String authServerId;
/**
* 忽略校验 {@code redirectUri} 参数默认不开启 {@code ignoreCheckRedirectUri} {@code true}
* {@link me.zhyd.oauth.utils.AuthChecker#checkConfig(AuthConfig, AuthSource)} 将不会校验 {@code redirectUri} 的合法性
*
* @since 1.16.1
*/
private boolean ignoreCheckRedirectUri;
/** /**
* 适配 builder 模式 set 值的情况 * 适配 builder 模式 set 值的情况

9
src/main/java/me/zhyd/oauth/utils/AuthChecker.java
View File

@ -25,7 +25,8 @@ public class AuthChecker {
* @since 1.6.1-beta * @since 1.6.1-beta
*/ */
public static boolean isSupportedAuth(AuthConfig config, AuthSource source) { public static boolean isSupportedAuth(AuthConfig config, AuthSource source) {
boolean isSupported = StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()) && StringUtils.isNotEmpty(config.getRedirectUri()); boolean isSupported = StringUtils.isNotEmpty(config.getClientId())
&& StringUtils.isNotEmpty(config.getClientSecret());
if (isSupported && AuthDefaultSource.ALIPAY == source) { if (isSupported && AuthDefaultSource.ALIPAY == source) {
isSupported = StringUtils.isNotEmpty(config.getAlipayPublicKey()); isSupported = StringUtils.isNotEmpty(config.getAlipayPublicKey());
} }
@ -56,6 +57,12 @@ public class AuthChecker {
*/ */
public static void checkConfig(AuthConfig config, AuthSource source) { public static void checkConfig(AuthConfig config, AuthSource source) {
String redirectUri = config.getRedirectUri(); String redirectUri = config.getRedirectUri();
if (config.isIgnoreCheckRedirectUri()) {
return;
}
if (StringUtils.isEmpty(redirectUri)) {
throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source);
}
if (!GlobalAuthUtils.isHttpProtocol(redirectUri) && !GlobalAuthUtils.isHttpsProtocol(redirectUri)) { if (!GlobalAuthUtils.isHttpProtocol(redirectUri) && !GlobalAuthUtils.isHttpsProtocol(redirectUri)) {
throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source); throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source);
} }