Handled multiple redirect URLs configuration

5dbd4fc3 · Sonia Zorba · 3f8a4404 · 5dbd4fc3 · 5dbd4fc3 · 5dbd4fc3
Commit 5dbd4fc3 authored 4 years ago by Sonia Zorba
--- a/classes/OAuth2RequestHandler.php
+++ b/classes/OAuth2RequestHandler.php
@@ -21,7 +21,7 @@ class OAuth2RequestHandler {
        }
        $client = $this->locator->getBrowserBasedOAuth2ClientById($params['client_id']);
-        if ($client->redirectUrl !== $params['redirect_uri']) {
+        if (!$client->validRedirectUrl($params['redirect_uri'])) {
            throw new BadRequestException("Invalid client redirect URI: " . $params['redirect_uri']);
        }
@@ -40,7 +40,7 @@ class OAuth2RequestHandler {
        // Storing OAuth2 data in session
        $oauth2Data = new OAuth2RequestData();
        $oauth2Data->clientId = $client->client;
-        $oauth2Data->redirectUrl = $client->redirectUrl;
+        $oauth2Data->redirectUrl = $params['redirect_uri'];
        $oauth2Data->state = $state;
        $oauth2Data->nonce = $nonce;

--- a/classes/model/BrowserBasedOAuth2Client.php
+++ b/classes/model/BrowserBasedOAuth2Client.php
@@ -31,7 +31,7 @@ class BrowserBasedOAuth2Client extends BrowserBasedClient {
    public $client;
    public $secretHash;
-    public $redirectUrl;
+    private $redirectUrls;
    public $scope;
    public $homePage;
    public $showInHome;
@@ -43,7 +43,7 @@ class BrowserBasedOAuth2Client extends BrowserBasedClient {
        $this->secretHash = $config->secret;
        $this->title = isset($config->label) ? $config->label : null;
        $this->icon = isset($config->icon) ? $config->icon : null;
-        $this->redirectUrl = $config->redirect;
+        $this->redirectUrls = isset($config->redirect) ? (is_array($config->redirect) ? $config->redirect : [$config->redirect]) : null;
        $this->scope = $config->scope;
        $this->homePage = isset($config->home) ? $config->home : null;
        $this->showInHome = isset($config->showInHome) ? $config->showInHome : false;
@@ -56,4 +56,16 @@ class BrowserBasedOAuth2Client extends BrowserBasedClient {
        return 'client-icons/';
    }
+    public function validRedirectUrl(string $redirectUrl): bool {
+        if ($this->redirectUrls === null) {
+            return false;
+        }
+        foreach ($this->redirectUrls as $url) {
+            if ($redirectUrl === $url) {
+                return true;
+            }
+        }
+        return false;
+    }
 }
--- a/include/admin.php
+++ b/include/admin.php
@@ -88,30 +88,3 @@ Flight::route('POST /admin/keypair', function() {
        "id" => $keyPair->keyId
    ]);
 });
-function buildOAuth2ClientFromData() {
-    $data = Flight::request()->data;
-    $client = new \RAP\BrowserBasedOAuth2Client();
-    if (isset($data)) {
-        if (isset($data['id'])) {
-            $client->id = $data['id'];
-        }
-        $client->title = $data['title'];
-        $client->icon = $data['icon'];
-        $client->client = $data['client'];
-        $client->secret = $data['secret'];
-        $client->redirectUrl = $data['redirectUrl'];
-        $client->scope = $data['scope'];
-        $client->homePage = $data['homePage'];
-        $client->showInHome = $data['showInHome'];
-    }
-    if (isset($data['authMethods'])) {
-        foreach ($data['authMethods'] as $method) {
-            array_push($client->authMethods, $method);
-        }
-    }
-    return $client;
-}
--- a/tests/OAuth2RequestHandlerTest.php
+++ b/tests/OAuth2RequestHandlerTest.php
@@ -62,7 +62,6 @@ final class OAuth2RequestHandlerTest extends TestCase {
                    "scope" => "email profile",
                    "methods" => []
        ]);
-        $client->redirectUrl = "redirect_uri";
        $sessionStub = $this->createMock(\RAP\SessionData::class);