Package com.nimbusds.oauth2.sdk.client
Class RedirectURIValidator
- java.lang.Object
  - com.nimbusds.oauth2.sdk.client.RedirectURIValidator
public final class RedirectURIValidator extends Object
Redirection URI validator.
Field Summary
Fields (modifier and type, field, description):
- static Set<String> PROHIBITED_REDIRECT_URI_QUERY_PARAMETER_NAMES: Prohibited redirect_uri query parameters.
- static Set<String> PROHIBITED_REDIRECT_URI_SCHEMES: Prohibited redirect_uri schemes.
Method Summary
Static methods (modifier and type, method, description):
- static void ensureLegal(URI redirectURI): Ensures the specified redirection URI is legal.
Field Detail
PROHIBITED_REDIRECT_URI_SCHEMES
public static final Set<String> PROHIBITED_REDIRECT_URI_SCHEMES
Prohibited redirect_uri schemes. See https://security.lauritz-holtmann.de/post/sso-security-redirect-uri/.
PROHIBITED_REDIRECT_URI_QUERY_PARAMETER_NAMES
public static final Set<String> PROHIBITED_REDIRECT_URI_QUERY_PARAMETER_NAMES
Prohibited redirect_uri query parameters. See "OAuth 2.0 Redirect URI Validation Falls Short, Literally", by Tommaso Innocenti, Matteo Golinelli, Kaan Onarlioglu, Bruno Crispo, Engin Kirda. Presented at OAuth Security Workshop 2023.
Method Detail
ensureLegal
public static void ensureLegal(URI redirectURI)
Ensures the specified redirection URI is legal. The URI:
- Must not contain a fragment;
- Must not have a prohibited URI scheme;
- Must not have a prohibited query parameter.
Parameters:
redirectURI - The redirect URI to check, null if not specified.
Throws:
IllegalArgumentException - If the redirection URI is illegal.
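The following is an added example, not part of the SDK's own documentation, showing ensureLegal used as a registration-time filter over client-supplied redirect URIs. The names RedirectUriRegistrationCheck and findIllegal and the client.example.com values are assumptions; the prohibited candidates are built from the class's own sets rather than hard-coded.

```java
import com.nimbusds.oauth2.sdk.client.RedirectURIValidator;

import java.net.URI;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

// Added example: RedirectUriRegistrationCheck and findIllegal are hypothetical names.
public class RedirectUriRegistrationCheck {

    /** Maps each rejected input to the reason; an empty map means every URI passed. */
    static Map<String, String> findIllegal(List<String> candidates) {
        Map<String, String> rejected = new LinkedHashMap<>();
        for (String candidate : candidates) {
            try {
                // URI.create also throws IllegalArgumentException on malformed input,
                // so unparsable strings are rejected by the same handler.
                RedirectURIValidator.ensureLegal(URI.create(candidate));
            } catch (IllegalArgumentException e) {
                rejected.put(candidate, e.getMessage());
            }
        }
        return rejected;
    }

    public static void main(String[] args) {
        // Constructed sample input; client.example.com is a placeholder host.
        List<String> candidates = new ArrayList<>();
        candidates.add("https://client.example.com/cb");          // no fragment, no query
        candidates.add("https://client.example.com/cb#section");  // contains a fragment
        // One candidate per entry of the class's own prohibited sets.
        for (String scheme : RedirectURIValidator.PROHIBITED_REDIRECT_URI_SCHEMES) {
            candidates.add(scheme + ":placeholder");
        }
        for (String name : RedirectURIValidator.PROHIBITED_REDIRECT_URI_QUERY_PARAMETER_NAMES) {
            candidates.add("https://client.example.com/cb?" + name + "=x");
        }

        Map<String, String> rejected = findIllegal(candidates);
        for (String candidate : candidates) {
            String reason = rejected.get(candidate);
            System.out.println((reason == null ? "ACCEPT " : "REJECT ") + candidate
                    + (reason == null ? "" : "  (" + reason + ")"));
        }
    }
}
```

Running the check when a client registers or updates its redirect URIs, and refusing the whole request if the returned map is non-empty, keeps illegal values out of the client store instead of relying on rejection at authorization time.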