fix issue #634 redirect_uri lost

docker-compose-all.yml

@@ -11,7 +11,7 @@ services:
       REACT_APP_EGO_CLIENT_ID: ego-ui
   api:
     # change the image tag to the target image as needed
-    image: overture/ego:4c1969bf
+    image: overture/ego:5.2.0
     environment:
       SERVER_PORT: 8081
       SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/ego?stringtype=unspecified

src/main/java/bio/overture/ego/security/OAuth2RequestResolver.java

@@ -8,6 +8,7 @@
 import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver;
 import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.util.StringUtils;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
@@ -20,19 +21,27 @@
  * <p>intended to replace {@see OAuth2ClientResources}
  */
 public class OAuth2RequestResolver implements OAuth2AuthorizationRequestResolver {
+  private final AntPathRequestMatcher authorizationRequestMatcher;
   private DefaultOAuth2AuthorizationRequestResolver resolver;
-
+  private static final String REGISTRATION_ID_URI_VARIABLE_NAME = "registrationId";
   public OAuth2RequestResolver(
       ClientRegistrationRepository clientRegistrationRepository,
       String authorizationRequestBaseUri) {
     this.resolver =
         new DefaultOAuth2AuthorizationRequestResolver(
             clientRegistrationRepository, authorizationRequestBaseUri);
+    this.authorizationRequestMatcher = new AntPathRequestMatcher(
+        authorizationRequestBaseUri + "/{" + REGISTRATION_ID_URI_VARIABLE_NAME + "}");
   }
 
   @SneakyThrows
   @Override
   public OAuth2AuthorizationRequest resolve(HttpServletRequest request) {
+    // check if the request is an oauth2 login request first
+    String registrationId = this.resolveRegistrationId(request);
+    if (registrationId == null) {
+      return this.resolver.resolve(request);
+    }
     val uri = new URI(request.getRequestURI() + "?" + request.getQueryString());
     val attr = (ServletRequestAttributes) RequestContextHolder.currentRequestAttributes();
     val session = attr.getRequest().getSession(true);
@@ -58,4 +67,12 @@ public OAuth2AuthorizationRequest resolve(HttpServletRequest request) {
   public OAuth2AuthorizationRequest resolve(HttpServletRequest request, String registrationId) {
     return this.resolve(request, registrationId);
   }
+
+  private String resolveRegistrationId(HttpServletRequest request) {
+    if (this.authorizationRequestMatcher.matches(request)) {
+      return this.authorizationRequestMatcher.matcher(request).getVariables()
+          .get(REGISTRATION_ID_URI_VARIABLE_NAME);
+    }
+    return null;
+  }
 }

src/test/java/bio/overture/ego/controller/RefreshTokenTest.java

@@ -172,6 +172,9 @@ public void deleteRefresh_missingRefreshToken_Unauthorized() {
 
   private void assertNoRefreshIdCookie(StringResponseOption response) {
     val cookies = response.getResponse().getHeaders().get("Set-Cookie");
+    if (Objects.isNull(cookies)) {
+      return;
+    }
     Objects.requireNonNull(cookies)
         .forEach(
             c -> {