From f44ceeeeeb79cd4e8601d06618449b5a2f916b0e Mon Sep 17 00:00:00 2001
From: "yadong.zhang"
Date: Fri, 9 Apr 2021 08:33:21 +0800
Subject: [PATCH] =?UTF-8?q?:zap:=20=E5=A2=9E=E5=8A=A0=E5=BF=BD=E7=95=A5?=
 =?UTF-8?q?=E6=A0=A1=E9=AA=8C=20redirectUri=20=E7=9A=84=E9=85=8D=E7=BD=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/main/java/me/zhyd/oauth/config/AuthConfig.java | 7 +++++++
 src/main/java/me/zhyd/oauth/utils/AuthChecker.java | 9 ++++++++-
 2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/src/main/java/me/zhyd/oauth/config/AuthConfig.java b/src/main/java/me/zhyd/oauth/config/AuthConfig.java
index e65e94c..38f4ccc 100644
--- a/src/main/java/me/zhyd/oauth/config/AuthConfig.java
+++ b/src/main/java/me/zhyd/oauth/config/AuthConfig.java
@@ -155,6 +155,13 @@ public class AuthConfig {
 * @since 1.16.0
 */
 private String authServerId;
+ /**
+ * 忽略校验 {@code redirectUri} 参数,默认不开启。当 {@code ignoreCheckRedirectUri} 为 {@code true} 时,
+ * {@link me.zhyd.oauth.utils.AuthChecker#checkConfig(AuthConfig, AuthSource)} 将不会校验 {@code redirectUri} 的合法性。
+ *
+ * @since 1.16.1
+ */
+ private boolean ignoreCheckRedirectUri;
 /**
 * 适配 builder 模式 set 值的情况
diff --git a/src/main/java/me/zhyd/oauth/utils/AuthChecker.java b/src/main/java/me/zhyd/oauth/utils/AuthChecker.java
index f00113d..319470e 100644
--- a/src/main/java/me/zhyd/oauth/utils/AuthChecker.java
+++ b/src/main/java/me/zhyd/oauth/utils/AuthChecker.java
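Review bot: The Javadoc added for `ignoreCheckRedirectUri` names the check that is switched off but not what a caller loses by enabling it. With the flag set, `checkConfig` no longer requires `redirectUri` to be present or to use http/https, so the comment should say this and when the opt-out is acceptable, for example `* Security note: when true, redirectUri is neither required nor restricted to http/https; enable only if the callback address is validated elsewhere.` The primitive `boolean` defaults to `false`, which keeps validation on unless it is explicitly disabled; that default is worth stating as the intended safe setting.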
@@ -25,7 +25,8 @@ public class AuthChecker {
 * @since 1.6.1-beta
 */
 public static boolean isSupportedAuth(AuthConfig config, AuthSource source) {
- boolean isSupported = StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()) && StringUtils.isNotEmpty(config.getRedirectUri());
+ boolean isSupported = StringUtils.isNotEmpty(config.getClientId())
+ && StringUtils.isNotEmpty(config.getClientSecret());
 if (isSupported && AuthDefaultSource.ALIPAY == source) {
 isSupported = StringUtils.isNotEmpty(config.getAlipayPublicKey());
 }
@@ -56,6 +57,12 @@ public class AuthChecker {
 */
 public static void checkConfig(AuthConfig config, AuthSource source) {
 String redirectUri = config.getRedirectUri();
+ if (config.isIgnoreCheckRedirectUri()) {
+ return;
+ }
+ if (StringUtils.isEmpty(redirectUri)) {
+ throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source);
+ }
 if (!GlobalAuthUtils.isHttpProtocol(redirectUri) && !GlobalAuthUtils.isHttpsProtocol(redirectUri)) {
 throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source);
 }
-- 
GitLab
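Review bot: In `isSupportedAuth` the non-empty `redirectUri` requirement is dropped for every configuration, not only when `ignoreCheckRedirectUri` is set. With the flag at its default, an empty `redirectUri` is now reported as supported, and rejecting it depends on the caller also running `checkConfig`. Tying the relaxation to the flag keeps the default behaviour as it was: `&& (config.isIgnoreCheckRedirectUri() || StringUtils.isNotEmpty(config.getRedirectUri()));`. The body of `isSupportedAuth` continues past the end of this hunk.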
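Review bot: The early `return` in `checkConfig` when `config.isIgnoreCheckRedirectUri()` is true exits the whole method, not just the redirect URI validation. The method body continues below the hunk, so any checks placed after the http/https test would be skipped as well, whether or not they concern `redirectUri`. Scoping the opt-out to the two redirect checks avoids that: replace the `return` with `if (!config.isIgnoreCheckRedirectUri()) { ... }` wrapped around the `StringUtils.isEmpty(redirectUri)` test and the protocol test. That also matches the Javadoc in AuthConfig, which only promises that `redirectUri` validity is not checked.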