RedirectURIValidator (Nimbus OAuth 2.0 SDK with OpenID Connect 1.0 extensions v11.10.1)

java.lang.Object
- com.nimbusds.oauth2.sdk.client.RedirectURIValidator

public final class RedirectURIValidator
extends Object

Redirection URI validator.

Field Summary

Fields
Modifier and Type	Field	Description
`static Set<String>`	`PROHIBITED_REDIRECT_URI_QUERY_PARAMETER_NAMES`	Prohibited `redirect_uri` query parameters.
`static Set<String>`	`PROHIBITED_REDIRECT_URI_SCHEMES`	Prohibited `redirect_uri` schemes.

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type Method Description

static void ensureLegal(URI redirectURI)
Ensures the specified redirection URI is legal.
- Methods inherited from class java.lang.Object
  clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - PROHIBITED_REDIRECT_URI_SCHEMES
```
public static final Set<String> PROHIBITED_REDIRECT_URI_SCHEMES
```
    Prohibited redirect_uri schemes. See https://security.lauritz-holtmann.de/post/sso-security-redirect-uri/.
  - PROHIBITED_REDIRECT_URI_QUERY_PARAMETER_NAMES
```
public static final Set<String> PROHIBITED_REDIRECT_URI_QUERY_PARAMETER_NAMES
```
    Prohibited redirect_uri query parameters. See "OAuth 2.0 Redirect URI Validation Falls Short, Literally", by Tommaso Innocenti, Matteo Golinelli, Kaan Onarlioglu, Bruno Crispo, Engin Kirda. Presented at OAuth Security Workshop 2023.
- Method Detail
  - ensureLegal
```
public static void ensureLegal(URI redirectURI)
```
    Ensures the specified redirection URI is legal.
    The URI:
    
    Must not contain fragment;
    Must not have a prohibited URI scheme;
    Must not have a prohibited query parameter.
    Parameters:
    
    redirectURI - The redirect URI to check, null if not specified.
    
    Throws:
    
    IllegalArgumentException - If the redirection URI is illegal.