Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Default value for ClientRegistration redirect-uri #16377

Open
Tracked by #16378
rwinch opened this issue Jan 8, 2025 · 0 comments
Open
Tracked by #16378

Default value for ClientRegistration redirect-uri #16377

rwinch opened this issue Jan 8, 2025 · 0 comments
Assignees
@rwinch
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Milestone
6.5.0-M1

Comments

@rwinch
Copy link
Member

rwinch commented Jan 8, 2025
edited
Loading

If the Client Registration redirect-uri property is missing from a Spring Boot application, it fails on startup with:

Caused by: java.lang.IllegalArgumentException: redirectUri cannot be empty
	at org.springframework.util.Assert.hasText(Assert.java:253) ~[spring-core-6.2.1.jar:6.2.1]
	at org.springframework.security.oauth2.client.registration.ClientRegistration$Builder.validateAuthorizationCodeGrantType(ClientRegistration.java:659) ~[spring-security-oauth2-client-6.4.2.jar:6.4.2]
	at org.springframework.security.oauth2.client.registration.ClientRegistration$Builder.build(ClientRegistration.java:610) ~[spring-security-oauth2-client-6.4.2.jar:6.4.2]
	at org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesMapper.getClientRegistration(OAuth2ClientPropertiesMapper.java:87) ~[spring-boot-autoconfigure-3.4.1.jar:3.4.1]
	...

The redirect URI should be defaulted to {baseUrl}/login/oauth2/code/{registrationId}. I'm not sure if it makes sense for this to default in Spring Security or Boot, but a user should not have to provide the property
@rwinch rwinch added type: enhancement A general enhancement in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) labels Jan 8, 2025
@rwinch rwinch added this to the 6.5.0-M1 milestone Jan 8, 2025
@rwinch rwinch self-assigned this Jan 8, 2025
@rwinch rwinch changed the title Default value for redirect-uri Default value for ClientRegistration redirect-uri Jan 8, 2025
@rwinch rwinch mentioned this issue Jan 8, 2025
Open
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rwinch rwinch

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Projects
None yet
Milestone
6.5.0-M1
Development

No branches or pull requests
1 participant
@rwinch