
fix #2088 add aad.reply.url

Shinsuke Sugaya há 6 anos atrás
pai
commit
1f4466e23a

+ 12 - 2
src/main/java/org/codelibs/fess/sso/aad/AzureAdAuthenticator.java

@@ -82,6 +82,8 @@ public class AzureAdAuthenticator implements SsoAuthenticator {
 
     protected static final String AZUREAD_CLIENT_ID = "aad.client.id";
 
+    protected static final String AZUREAD_REPLY_URL = "aad.reply.url";
+
     protected static final String STATES = "aadStates";
 
     protected static final String STATE = "state";
@@ -129,7 +131,7 @@ public class AzureAdAuthenticator implements SsoAuthenticator {
         final String authUrl =
                 getAuthority() + getTenant()
                         + "/oauth2/authorize?response_type=code&scope=directory.read.all&response_mode=form_post&redirect_uri="
-                        + URLEncoder.encode(request.getRequestURL().toString(), Constants.UTF_8_CHARSET) + "&client_id=" + getClientId()
+                        + URLEncoder.encode(getReplyUrl(request), Constants.UTF_8_CHARSET) + "&client_id=" + getClientId()
                         + "&resource=https%3a%2f%2fgraph.microsoft.com" + "&state=" + state + "&nonce=" + nonce;
         if (logger.isDebugEnabled()) {
             logger.debug("redirect to: {}", authUrl);
@@ -179,7 +181,7 @@ public class AzureAdAuthenticator implements SsoAuthenticator {
         if (authResponse instanceof AuthenticationSuccessResponse) {
             final AuthenticationSuccessResponse oidcResponse = (AuthenticationSuccessResponse) authResponse;
             validateAuthRespMatchesCodeFlow(oidcResponse);
-            final AuthenticationResult authData = getAccessToken(oidcResponse.getAuthorizationCode(), request.getRequestURL().toString());
+            final AuthenticationResult authData = getAccessToken(oidcResponse.getAuthorizationCode(), getReplyUrl(request));
             validateNonce(stateData, authData);
 
             return new AzureAdCredential(authData);
@@ -437,6 +439,14 @@ public class AzureAdAuthenticator implements SsoAuthenticator {
         return Long.parseLong(ComponentUtil.getFessConfig().getSystemProperty(AZUREAD_STATE_TTL, "3600"));
     }
 
+    protected String getReplyUrl(final HttpServletRequest request) {
+        final String value = ComponentUtil.getFessConfig().getSystemProperty(AZUREAD_REPLY_URL, StringUtil.EMPTY);
+        if (StringUtil.isNotBlank(value)) {
+            return value;
+        }
+        return request.getRequestURL().toString();
+    }
+
     @Override
     public void resolveCredential(final LoginCredentialResolver resolver) {
         resolver.resolve(AzureAdCredential.class, credential -> {
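Review bot: `getReplyUrl` is undocumented, and its last line still falls back to `request.getRequestURL().toString()`, which is built from the request's Host header and the scheme as seen by the servlet container, so when `aad.reply.url` is unset (the default here is `StringUtil.EMPTY`) the redirect URI sent in the authorize request (line 27) and in the token exchange (line 36) can differ from the reply URL registered in Azure AD behind a reverse proxy or when the Host header is not what the deployment expects. The configured value is the reliable path; a Javadoc should say so, e.g. `/** Redirect URI sent to Azure AD: the {@code aad.reply.url} system property when set, otherwise the current request URL. The value must exactly match a reply URL registered for the application; the request-derived fallback depends on the Host header and the scheme seen by the container. */`. It may also be worth stating in the Javadoc that the same method is used for both the authorize redirect and the authorization-code exchange, since Azure AD rejects the exchange if the two differ. `resolveCredential` begins at the end of this hunk and continues outside it.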