From e098c3707e011c1315dd4f5d30ff90453a69699e Mon Sep 17 00:00:00 2001
From: Joe Grandja <jgrandja@pivotal.io>
Date: Wed, 15 Nov 2017 14:18:23 -0500
Subject: [PATCH] Update default redirect-uri to use 'baseUrl' template
 variable

Fixes gh-4826
---
 .../security/config/oauth2/client/CommonOAuth2Provider.java | 2 +-
 .../config/oauth2/client/CommonOAuth2ProviderTests.java     | 2 +-
 .../client/InMemoryOAuth2AuthorizedClientServiceTests.java  | 6 +++---
 .../InMemoryClientRegistrationRepositoryTests.java          | 2 +-
 .../web/OAuth2AuthorizationRequestRedirectFilterTests.java  | 6 +++---
 .../client/web/OAuth2LoginAuthenticationFilterTests.java    | 4 ++--
 6 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/config/src/main/java/org/springframework/security/config/oauth2/client/CommonOAuth2Provider.java b/config/src/main/java/org/springframework/security/config/oauth2/client/CommonOAuth2Provider.java
index d59dede571..09b35c834a 100644
--- a/config/src/main/java/org/springframework/security/config/oauth2/client/CommonOAuth2Provider.java
+++ b/config/src/main/java/org/springframework/security/config/oauth2/client/CommonOAuth2Provider.java
@@ -93,7 +93,7 @@ public enum CommonOAuth2Provider {
 		}
 	};
 
-	private static final String DEFAULT_LOGIN_REDIRECT_URL = "{scheme}://{serverName}:{serverPort}{contextPath}/login/oauth2/code/{registrationId}";
+	private static final String DEFAULT_LOGIN_REDIRECT_URL = "{baseUrl}/login/oauth2/code/{registrationId}";
 
 	protected final ClientRegistration.Builder getBuilder(String registrationId,
 															ClientAuthenticationMethod method, String redirectUri) {
diff --git a/config/src/test/java/org/springframework/security/config/oauth2/client/CommonOAuth2ProviderTests.java b/config/src/test/java/org/springframework/security/config/oauth2/client/CommonOAuth2ProviderTests.java
index 3d1ac7c389..add446a78c 100644
--- a/config/src/test/java/org/springframework/security/config/oauth2/client/CommonOAuth2ProviderTests.java
+++ b/config/src/test/java/org/springframework/security/config/oauth2/client/CommonOAuth2ProviderTests.java
@@ -31,7 +31,7 @@ import static org.assertj.core.api.Assertions.assertThat;
  */
 public class CommonOAuth2ProviderTests {
 
-	private static final String DEFAULT_LOGIN_REDIRECT_URL = "{scheme}://{serverName}:{serverPort}{contextPath}/login/oauth2/code/{registrationId}";
+	private static final String DEFAULT_LOGIN_REDIRECT_URL = "{baseUrl}/login/oauth2/code/{registrationId}";
 
 	@Test
 	public void getBuilderWhenGoogleShouldHaveGoogleSettings() throws Exception {
diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientServiceTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientServiceTests.java
index fb62ca868b..ae1be0b839 100644
--- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientServiceTests.java
+++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientServiceTests.java
@@ -45,7 +45,7 @@ public class InMemoryOAuth2AuthorizedClientServiceTests {
 		.clientSecret("secret")
 		.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 		.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-		.redirectUri("{scheme}://{serverName}:{serverPort}{contextPath}/login/oauth2/code/{registrationId}")
+		.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
 		.scope("user")
 		.authorizationUri("https://provider.com/oauth2/authorize")
 		.tokenUri("https://provider.com/oauth2/token")
@@ -59,7 +59,7 @@ public class InMemoryOAuth2AuthorizedClientServiceTests {
 		.clientSecret("secret")
 		.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 		.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-		.redirectUri("{scheme}://{serverName}:{serverPort}{contextPath}/login/oauth2/code/{registrationId}")
+		.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
 		.scope("openid", "profile", "email")
 		.authorizationUri("https://provider.com/oauth2/authorize")
 		.tokenUri("https://provider.com/oauth2/token")
@@ -73,7 +73,7 @@ public class InMemoryOAuth2AuthorizedClientServiceTests {
 		.clientSecret("secret")
 		.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 		.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-		.redirectUri("{scheme}://{serverName}:{serverPort}{contextPath}/login/oauth2/code/{registrationId}")
+		.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
 		.scope("openid", "profile")
 		.authorizationUri("https://provider.com/oauth2/authorize")
 		.tokenUri("https://provider.com/oauth2/token")
diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/InMemoryClientRegistrationRepositoryTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/InMemoryClientRegistrationRepositoryTests.java
index 70f74fac05..0638c4eb3d 100644
--- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/InMemoryClientRegistrationRepositoryTests.java
+++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/InMemoryClientRegistrationRepositoryTests.java
@@ -40,7 +40,7 @@ public class InMemoryClientRegistrationRepositoryTests {
 		.clientId("client-id")
 		.clientName("client-name")
 		.clientSecret("client-secret")
-		.redirectUri("{scheme}://{serverName}:{serverPort}{contextPath}/login/oauth2/code/{registrationId}")
+		.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
 		.scope("user")
 		.tokenUri("https://example.com/oauth/access_token")
 		.build();
diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilterTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilterTests.java
index e6c439f85c..b8f02897d4 100644
--- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilterTests.java
+++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilterTests.java
@@ -56,7 +56,7 @@ public class OAuth2AuthorizationRequestRedirectFilterTests {
 			.clientSecret("secret")
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri("{scheme}://{serverName}:{serverPort}{contextPath}/login/oauth2/code/{registrationId}")
+			.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
 			.scope("user")
 			.authorizationUri("https://provider.com/oauth2/authorize")
 			.tokenUri("https://provider.com/oauth2/token")
@@ -69,7 +69,7 @@ public class OAuth2AuthorizationRequestRedirectFilterTests {
 			.clientSecret("secret")
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri("{scheme}://{serverName}:{serverPort}{contextPath}/login/oauth2/code/{registrationId}")
+			.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
 			.scope("openid", "profile", "email")
 			.authorizationUri("https://provider.com/oauth2/authorize")
 			.tokenUri("https://provider.com/oauth2/token")
@@ -80,7 +80,7 @@ public class OAuth2AuthorizationRequestRedirectFilterTests {
 		this.registration3 = ClientRegistration.withRegistrationId("registration-3")
 			.clientId("client-3")
 			.authorizationGrantType(AuthorizationGrantType.IMPLICIT)
-			.redirectUri("{scheme}://{serverName}:{serverPort}{contextPath}/login/oauth2/implicit/{registrationId}")
+			.redirectUri("{baseUrl}/login/oauth2/implicit/{registrationId}")
 			.scope("openid", "profile", "email")
 			.authorizationUri("https://provider.com/oauth2/authorize")
 			.tokenUri("https://provider.com/oauth2/token")
diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilterTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilterTests.java
index 12508d4643..915d938207 100644
--- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilterTests.java
+++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilterTests.java
@@ -82,7 +82,7 @@ public class OAuth2LoginAuthenticationFilterTests {
 			.clientSecret("secret")
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri("{scheme}://{serverName}:{serverPort}{contextPath}/login/oauth2/code/{registrationId}")
+			.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
 			.scope("user")
 			.authorizationUri("https://provider.com/oauth2/authorize")
 			.tokenUri("https://provider.com/oauth2/token")
@@ -95,7 +95,7 @@ public class OAuth2LoginAuthenticationFilterTests {
 			.clientSecret("secret")
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri("{scheme}://{serverName}:{serverPort}{contextPath}/login/oauth2/code/{registrationId}")
+			.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
 			.scope("openid", "profile", "email")
 			.authorizationUri("https://provider.com/oauth2/authorize")
 			.tokenUri("https://provider.com/oauth2/token")