From d1562622424ab63e9480c643e50dd41e79241046 Mon Sep 17 00:00:00 2001 From: Farah Juma Date: Mon, 17 Jan 2022 15:37:19 -0500 Subject: [PATCH] [ELY-2290] Update OidcClientConfiguration#resetUrls to handle the case where the provider-url or auth-server-url isn't valid --- .../security/http/oidc/ElytronMessages.java | 4 +++- .../http/oidc/OidcClientConfiguration.java | 16 ++++++++++------ 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/http/oidc/src/main/java/org/wildfly/security/http/oidc/ElytronMessages.java b/http/oidc/src/main/java/org/wildfly/security/http/oidc/ElytronMessages.java index d825f06dc60..fb61affc433 100644 --- a/http/oidc/src/main/java/org/wildfly/security/http/oidc/ElytronMessages.java +++ b/http/oidc/src/main/java/org/wildfly/security/http/oidc/ElytronMessages.java @@ -204,7 +204,9 @@ interface ElytronMessages extends BasicLogger { @Message(id = 23048, value = "Invalid URI: '%s'") RuntimeException invalidUri(String uri); - + @LogMessage(level = WARN) + @Message(id = 23049, value = "Invalid 'auth-server-url' or 'provider-url': '%s'") + void invalidAuthServerUrlOrProviderUrl(String url); } diff --git a/http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcClientConfiguration.java b/http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcClientConfiguration.java index 60745588252..250839f12aa 100644 --- a/http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcClientConfiguration.java +++ b/http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcClientConfiguration.java @@ -191,12 +191,16 @@ protected void resetUrls() { jwksUrl = null; relativeUrls = null; if (providerUrl != null || authServerBaseUrl != null) { - URI uri = URI.create(providerUrl != null? providerUrl : authServerBaseUrl); - if (uri.getHost() == null) { - relativeUrls = RelativeUrlsUsed.ALWAYS; - } else { - // We have absolute URI in config - relativeUrls = RelativeUrlsUsed.NEVER; + try { + URI uri = URI.create(providerUrl != null ? providerUrl : authServerBaseUrl); + if (uri.getHost() == null) { + relativeUrls = RelativeUrlsUsed.ALWAYS; + } else { + // We have absolute URI in config + relativeUrls = RelativeUrlsUsed.NEVER; + } + } catch (Exception e) { + log.invalidAuthServerUrlOrProviderUrl(providerUrl != null ? providerUrl : authServerBaseUrl); } } }