From a0b6d12ea2424fc3a697a46a3a730201556c5265 Mon Sep 17 00:00:00 2001 From: Esta Nagy Date: Fri, 25 Oct 2024 13:52:52 +0200 Subject: [PATCH] Bugfix: Allow trailing slash in token endpoint path (#1208) - Changes port routing filter to allow trailing slash in case of the token endpoint path {patch} Signed-off-by: Esta Nagy --- .../nagyesta/lowkeyvault/filter/PortSeparationFilter.java | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/filter/PortSeparationFilter.java b/lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/filter/PortSeparationFilter.java index 3aedd1b1..b627d678 100644 --- a/lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/filter/PortSeparationFilter.java +++ b/lowkey-vault-app/src/main/java/com/github/nagyesta/lowkeyvault/filter/PortSeparationFilter.java @@ -14,12 +14,15 @@ @Slf4j public class PortSeparationFilter extends OncePerRequestFilter { + @SuppressWarnings("NullableProblems") @Override protected void doFilterInternal( - final HttpServletRequest request, final HttpServletResponse response, final FilterChain filterChain) + final HttpServletRequest request, + final HttpServletResponse response, + final FilterChain filterChain) throws ServletException, IOException { final var secure = request.isSecure(); - final boolean isTokenRequest = "/metadata/identity/oauth2/token".equals(request.getRequestURI()); + final boolean isTokenRequest = request.getRequestURI().startsWith("/metadata/identity/oauth2/token"); final boolean unsecureTokenRequest = isTokenRequest && !secure; final boolean secureVaultRequest = !isTokenRequest && secure; if (unsecureTokenRequest || secureVaultRequest) {