fix issue #634 redirect_uri lost

docker-compose-all.yml

@@ -11,7 +11,7 @@ services:
       REACT_APP_EGO_CLIENT_ID: ego-ui
   api:
     # change the image tag to the target image as needed
-    image: overture/ego:4c1969bf
+    image: overture/ego:5.2.0
     environment:
       SERVER_PORT: 8081
       SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/ego?stringtype=unspecified

src/main/java/bio/overture/ego/security/OAuth2RequestResolver.java

@@ -8,31 +8,44 @@
 import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver;
 import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.util.StringUtils;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 import org.springframework.web.util.UriComponentsBuilder;
 
+import static java.util.Objects.isNull;
+
 /**
  * Custom request resolver to capture request info before sending it to oauth2 providers and store
  * them in the current request session
  *
  * <p>intended to replace {@see OAuth2ClientResources}
  */
 public class OAuth2RequestResolver implements OAuth2AuthorizationRequestResolver {
+  private final AntPathRequestMatcher authorizationRequestMatcher;
   private DefaultOAuth2AuthorizationRequestResolver resolver;
+  private static final String REGISTRATION_ID_URI_VARIABLE_NAME = "registrationId";
 
   public OAuth2RequestResolver(
       ClientRegistrationRepository clientRegistrationRepository,
       String authorizationRequestBaseUri) {
     this.resolver =
         new DefaultOAuth2AuthorizationRequestResolver(
             clientRegistrationRepository, authorizationRequestBaseUri);
+    this.authorizationRequestMatcher =
+        new AntPathRequestMatcher(
+            authorizationRequestBaseUri + "/{" + REGISTRATION_ID_URI_VARIABLE_NAME + "}");
   }
 
   @SneakyThrows
   @Override
   public OAuth2AuthorizationRequest resolve(HttpServletRequest request) {
+    // check if the request is an oauth2 login request first
+    val registrationId = this.resolveRegistrationId(request);
+    if (isNull(registrationId)) {
+      return this.resolver.resolve(request);
+    }
     val uri = new URI(request.getRequestURI() + "?" + request.getQueryString());
     val attr = (ServletRequestAttributes) RequestContextHolder.currentRequestAttributes();
     val session = attr.getRequest().getSession(true);
@@ -58,4 +71,14 @@ public OAuth2AuthorizationRequest resolve(HttpServletRequest request) {
   public OAuth2AuthorizationRequest resolve(HttpServletRequest request, String registrationId) {
     return this.resolve(request, registrationId);
   }
+
+  private String resolveRegistrationId(HttpServletRequest request) {
+    if (this.authorizationRequestMatcher.matches(request)) {
+      return this.authorizationRequestMatcher
+          .matcher(request)
+          .getVariables()
+          .get(REGISTRATION_ID_URI_VARIABLE_NAME);
+    }
+    return null;
+  }
 }

src/test/java/bio/overture/ego/controller/RefreshTokenTest.java

@@ -1,6 +1,7 @@
 package bio.overture.ego.controller;
 
 import static bio.overture.ego.model.enums.JavaFields.REFRESH_ID;
+import static java.util.Objects.isNull;
 import static org.junit.Assert.*;
 import static org.springframework.http.HttpHeaders.AUTHORIZATION;
 import static org.springframework.http.HttpStatus.*;
@@ -172,6 +173,9 @@ public void deleteRefresh_missingRefreshToken_Unauthorized() {
 
   private void assertNoRefreshIdCookie(StringResponseOption response) {
     val cookies = response.getResponse().getHeaders().get("Set-Cookie");
+    if (isNull(cookies)) {
+      return;
+    }
     Objects.requireNonNull(cookies)
         .forEach(
             c -> {