diff --git a/jans-auth-server/server/src/main/java/io/jans/as/server/token/ws/rs/TokenRestWebServiceValidator.java b/jans-auth-server/server/src/main/java/io/jans/as/server/token/ws/rs/TokenRestWebServiceValidator.java
index b498c42a64c..e87d36b368a 100644
--- a/jans-auth-server/server/src/main/java/io/jans/as/server/token/ws/rs/TokenRestWebServiceValidator.java
+++ b/jans-auth-server/server/src/main/java/io/jans/as/server/token/ws/rs/TokenRestWebServiceValidator.java
@@ -82,7 +82,7 @@ public void validatePKCE(AuthorizationCodeGrant grant, String codeVerifier, OAut
 }
 public void validateParams(String grantType, String code,
- String redirectUri, String refreshToken, OAuth2AuditLog auditLog) {
+ String refreshToken, OAuth2AuditLog auditLog) {
 log.debug("Starting to validate request parameters");
 if (grantType == null || grantType.isEmpty()) {
 final String msg = "Grant Type is not set.";
@@ -98,11 +98,6 @@ public void validateParams(String grantType, String code,
 log.trace(msg);
 throw new WebApplicationException(response(error(400, TokenErrorResponseType.INVALID_REQUEST, msg), auditLog));
 }
- if (StringUtils.isBlank(redirectUri)) {
- final String msg = "redirect_uri is not set for AUTHORIZATION_CODE.";
- log.trace(msg);
- throw new WebApplicationException(response(error(400, TokenErrorResponseType.INVALID_REQUEST, msg), auditLog));
- }
 return;
 }
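Review bot: validateParams carries no Javadoc, and after the signature change in the `-82,7` hunk nothing tells a caller that redirect_uri is no longer checked here for the authorization_code grant. The `-98,11` hunk removes the blank check, so a token request is now only rejected for a missing redirect_uri if the caller also invokes validateRedirectUri. That call site is not part of this diff, so it cannot be confirmed from here. I would add `/** Validates grant_type, code and refresh_token only; redirect_uri for the authorization_code grant is checked by validateRedirectUri. */` above the method. The body of validateParams continues outside the hunk.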
@@ -173,6 +168,14 @@ public void validateGrant(AuthorizationGrant grant, Client client, Object identi
 validateGrant(grant, client, identifier, auditLog, null);
 }
+ public void validateRedirectUri(String redirectUri, OAuth2AuditLog auditLog) {
+ if (StringUtils.isBlank(redirectUri)) {
+ final String msg = "redirect_uri is not set for AUTHORIZATION_CODE.";
+ log.trace(msg);
+ throw new WebApplicationException(response(error(400, TokenErrorResponseType.INVALID_REQUEST, msg), auditLog));
+ }
+ }
+
 public void validateGrant(AuthorizationGrant grant, Client client, Object identifier, OAuth2AuditLog auditLog, Consumer onFailure) {
 if (grant == null) {
diff --git a/jans-auth-server/server/src/test/java/io/jans/as/server/token/ws/rs/TokenRestWebServiceValidatorTest.java b/jans-auth-server/server/src/test/java/io/jans/as/server/token/ws/rs/TokenRestWebServiceValidatorTest.java
index e9dadf62482..faf11a03f63 100644
--- a/jans-auth-server/server/src/test/java/io/jans/as/server/token/ws/rs/TokenRestWebServiceValidatorTest.java
+++ b/jans-auth-server/server/src/test/java/io/jans/as/server/token/ws/rs/TokenRestWebServiceValidatorTest.java
@@ -172,7 +172,7 @@ public void validateActorTokenType_withValidTokenType_shouldPassSuccessfully() {
 @Test
 public void validateParams_whenGrantTypeIsBlank_shouldRaiseError() {
 try {
- validator.validateParams("", "some_code", "https://my.redirect", "refresh_token", AUDIT_LOG);
+ validator.validateParams("", "some_code", "refresh_token", AUDIT_LOG);
 } catch (WebApplicationException e) {
 assertBadRequest(e.getResponse());
 return;
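Review bot: validateRedirectUri only rejects a blank value, so on its own it does not tie the token request to the redirect URI that was used when the authorization code was issued. RFC 6749 section 4.1.3 expects the token endpoint to verify that redirect_uri is identical to the one in the authorization request whenever one was sent. That comparison may exist elsewhere, but it is not visible in this diff. The method also has no grant-type guard, although its message still names AUTHORIZATION_CODE, so it relies on the caller to invoke it only on that path. A Javadoc line would make the contract explicit: `/** Rejects a blank redirect_uri; callers on the authorization_code path must also compare it with the redirect URI stored on the grant. */`.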
@@ -183,7 +183,7 @@ public void validateParams_whenGrantTypeIsBlank_shouldRaiseError() {
 @Test
 public void validateParams_whenGrantTypeIsAuthorizationCodeAndCodeIsBlank_shouldRaiseError() {
 try {
- validator.validateParams(GrantType.AUTHORIZATION_CODE.getValue(), "", "https://my.redirect", "refresh_token", AUDIT_LOG);
+ validator.validateParams(GrantType.AUTHORIZATION_CODE.getValue(), "", "refresh_token", AUDIT_LOG);
 } catch (WebApplicationException e) {
 assertBadRequest(e.getResponse());
 return;
@@ -191,22 +191,10 @@ public void validateParams_whenGrantTypeIsAuthorizationCodeAndCodeIsBlank_should
 fail("No error for blank code for AUTHORIZATION_CODE grant type.");
 }
-
- @Test
- public void validateParams_whenGrantTypeIsAuthorizationCodeAndRedirectUriIsBlank_shouldRaiseError() {
- try {
- validator.validateParams(GrantType.AUTHORIZATION_CODE.getValue(), "some_code", "", "refresh_token", AUDIT_LOG);
- } catch (WebApplicationException e) {
- assertBadRequest(e.getResponse());
- return;
- }
- fail("No error for blank redirect_uri for AUTHORIZATION_CODE grant type.");
- }
-
 @Test
 public void validateParams_whenGrantTypeIsRefreshTokenAndRefreshTokenIsBlank_shouldRaiseError() {
 try {
- validator.validateParams(GrantType.REFRESH_TOKEN.getValue(), "some_code", "https://my.redirect", "", AUDIT_LOG);
+ validator.validateParams(GrantType.REFRESH_TOKEN.getValue(), "some_code", "", AUDIT_LOG);
 } catch (WebApplicationException e) {
 assertBadRequest(e.getResponse());
 return;
@@ -217,7 +205,7 @@ public void validateParams_whenGrantTypeIsRefreshTokenAndRefreshTokenIsBlank_sho
 @Test
 public void validateParams_whenGrantTypeIsAuthorizationCodeAndCodeIsNotBlank_shouldNotRaiseError() {
 try {
- validator.validateParams(GrantType.AUTHORIZATION_CODE.getValue(), "some_code", "https://my.redirect", "", AUDIT_LOG);
+ validator.validateParams(GrantType.AUTHORIZATION_CODE.getValue(), "some_code", "", AUDIT_LOG);
 } catch (WebApplicationException e) {
 fail("Error occurs. We should not get it.");
 }
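Review bot: The blank-redirect_uri case loses its only visible test in the `-191,22` hunk, and this diff adds no test for the new validateRedirectUri. Because the check was moved rather than dropped, the rejection of a missing redirect_uri should stay pinned by a unit test, so that a later refactor of the caller or the validator cannot silently remove it. Two tests in the file's existing try/catch/fail style, one for the blank case and one for a non-blank value, would cover the relocated method.

```java
@Test
public void validateRedirectUri_whenRedirectUriIsBlank_shouldRaiseError() {
    try {
        validator.validateRedirectUri("", AUDIT_LOG);
    } catch (WebApplicationException e) {
        assertBadRequest(e.getResponse());
        return;
    }
    fail("No error for blank redirect_uri.");
}

@Test
public void validateRedirectUri_whenRedirectUriIsNotBlank_shouldNotRaiseError() {
    try {
        validator.validateRedirectUri("https://my.redirect", AUDIT_LOG);
    } catch (WebApplicationException e) {
        fail("Error occurs. We should not get it.");
    }
}
```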
@@ -226,7 +214,7 @@ public void validateParams_whenGrantTypeIsAuthorizationCodeAndCodeIsNotBlank_sho
 @Test
 public void validateParams_whenGrantTypeIsRefreshTokenAndRefreshTokenIsNotBlank_shouldNotRaiseError() {
 try {
- validator.validateParams(GrantType.REFRESH_TOKEN.getValue(), "", "https://my.redirect", "refresh_token", AUDIT_LOG);
+ validator.validateParams(GrantType.REFRESH_TOKEN.getValue(), "", "refresh_token", AUDIT_LOG);
 } catch (WebApplicationException e) {
 fail("Error occurs. We should not get it.");
 }