Add authority check for forUrl

[lennartdohmann]

Add authority check for forUrl to get a VaasClientException if it is a client side mistake

[GermanCoding]

LGTM

[unglaublicherdude]

Hm. Wouldn't a toUri be more effective here? Have not tested if that would fail.

[unglaublicherdude]

https://www.baeldung.com/java-validate-url

Just want to avoid that we build our own url validation

[unglaublicherdude]

Yeah. To Uri should work.

    public void testing() {
        Exception exception = assertThrows(URISyntaxException.class, () -> {
            var url_1 = new URL("https://").toURI();
        });
    }

[unglaublicherdude]

A different question is: Why not just accept URIs instead of URLs as parameter.

[GermanCoding]

A different question is: Why not just accept URIs instead of URLs as parameter.

I don't think this makes sense. For example, this

urn:oasis:names:specification:docbook:dtd:xml:4.1.2

is a valid URI as per RFC 3986 (it's a URN, which is also a type of URI). However, it is not a URL. URIs are supersets of URLs and include much more than just URLs. However, we only want to support URLs (and not even all types of URLs, e.g. not file URLs)

[unglaublicherdude]

But than at least we are not consistent

https://github.com/GDATASoftwareAG/vaas/blob/main/java/src/main/java/de/gdata/vaas/ClientCredentialsGrantAuthenticator.java#L32

[lennartdohmann]

But the marked usage of type URI makes kind of sense there because a few lines blow the HTTPRequest builder expects an URI. Otherwise you would create an URI there, convert it to URL and then convert it back to the supertype URI for use.