diff --git a/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java b/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java
index d6dd305c..4db90324 100644
--- a/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java
+++ b/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java
@@ -730,7 +730,7 @@ protected AuthorizationCodeFlow buildAuthorizationCodeFlow() {
 return builder.build();
 }
- private String getValidRedirectUrl(String url) {
+ protected String getValidRedirectUrl(String url) {
 if (url != null && !url.isEmpty()) {
 // Check if the URL is relative and starts with a slash
 if (url.startsWith("/")) {
diff --git a/src/test/java/org/jenkinsci/plugins/oic/OicSecurityRealmTest.java b/src/test/java/org/jenkinsci/plugins/oic/OicSecurityRealmTest.java
index cefe94fb..6b3213be 100644
--- a/src/test/java/org/jenkinsci/plugins/oic/OicSecurityRealmTest.java
+++ b/src/test/java/org/jenkinsci/plugins/oic/OicSecurityRealmTest.java
@@ -4,6 +4,8 @@
 import com.github.tomakehurst.wiremock.junit.WireMockRule;
 import hudson.util.Secret;
 import java.io.IOException;
+import java.net.MalformedURLException;
+
 import org.acegisecurity.AuthenticationManager;
 import org.acegisecurity.BadCredentialsException;
 import org.acegisecurity.GrantedAuthority;
@@ -16,6 +18,7 @@
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertThrows;
 public class OicSecurityRealmTest {
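Review bot: Widening `getValidRedirectUrl` to `protected` makes this redirect-target check overridable by any subclass of `OicSecurityRealm`, which is more exposure than the new unit test needs. The test class sits in the same package (`org.jenkinsci.plugins.oic`), so package-private access should be enough: `String getValidRedirectUrl(String url) {`, with a short comment such as `// package-private for tests only; redirect validation must not be overridden`. If it has to stay `protected`, marking it `@Restricted(NoExternalUse.class)` would at least document that it is not an extension point. The method body continues past the end of the hunk, so the rest of the validation is not visible here.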
@@ -83,4 +86,16 @@ public void testShouldSetNullClientSecretWhenSecretIsNone() throws IOException {
 .build();
 assertEquals("none", Secret.toString(realm.getClientSecret()));
 }
+
+ @Test
+ public void testGetValidRedirectUrl() throws IOException {
+ String rootUrl = "https://ci.example.com/";
+ TestRealm realm = new TestRealm.Builder(rootUrl)
+ .WithMinimalDefaults().build();
+ assertEquals(rootUrl + "foo", realm.getValidRedirectUrl("/foo"));
+ assertEquals(rootUrl + "bar", realm.getValidRedirectUrl(rootUrl + "/bar"));
+ assertEquals(rootUrl, realm.getValidRedirectUrl(null));
+ assertEquals(rootUrl, realm.getValidRedirectUrl(""));
+ assertThrows(MalformedURLException.class, () -> realm.getValidRedirectUrl("foobar"));
+ }
 }
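Review bot: No assertion in `testGetValidRedirectUrl` exercises a redirect target outside the Jenkins root URL, which is the case this validation exists for. I would add inputs such as an absolute URL on another host (`"https://other.example.org/"`), a protocol-relative value (`"//other.example.org/x"`), and a host that only starts with the root's host name (`"https://ci.example.com.other.example.org/"`). The protocol-relative value also satisfies the `url.startsWith("/")` test visible in the first hunk, and what happens after that test is outside the diff. Each should be asserted to yield the root URL or an exception, whichever the method intends, for example `assertEquals(rootUrl, realm.getValidRedirectUrl("//other.example.org/x"));` if fallback is the contract. The host names are constructed samples. The second assertion also passes `rootUrl + "/bar"`, which contains a double slash, so a one-line comment stating that collapsing it is intended would help readers.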