diff --git a/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java b/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java
index e564090..441cd57 100644
--- a/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java
@@ -69,13 +69,8 @@ public class RedirectUtils {
private static String verifyRedirectUri(UriInfo uriInfo, String rootUrl, String redirectUri, RealmModel realm, Set<String> validRedirects) {
if (redirectUri == null) {
- if (validRedirects.size() != 1) return null;
- String validRedirect = validRedirects.iterator().next();
- int idx = validRedirect.indexOf("/*");
- if (idx > -1) {
- validRedirect = validRedirect.substring(0, idx);
- }
- redirectUri = validRedirect;
+ logger.debug("No Redirect URI parameter specified");
+ return null;
} else if (validRedirects.isEmpty()) {
logger.debug("No Redirect URIs supplied");
redirectUri = null;
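Review bot: The new `redirectUri == null` branch of `verifyRedirectUri` makes the parameter mandatory, but nothing in the code says so or explains why the old fallback was unsafe. The removed lines built a redirect target by cutting a registered pattern at `/*`, so a comment such as `// redirect_uri is required: a registered entry may be a wildcard pattern, so never derive the redirect target from it` would keep a later maintainer from restoring the default. The message `"No Redirect URI parameter specified"` is logged at debug level only and does not name the realm, although `realm` is in scope. It is worth confirming that the caller records the rejected request somewhere operators will see it. The branch now returns early while the `validRedirects.isEmpty()` branch still assigns `redirectUri = null` and falls through; the rest of the method is outside this hunk.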
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/LoginStatusIframeEndpointTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/LoginStatusIframeEndpointTest.java
index 5386141..958362a 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/LoginStatusIframeEndpointTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/LoginStatusIframeEndpointTest.java
@@ -36,6 +36,7 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import java.io.IOException;
+import java.net.URLEncoder;
import java.util.LinkedList;
import java.util.List;
import java.util.regex.Matcher;
@@ -54,8 +55,11 @@ public class LoginStatusIframeEndpointTest extends AbstractKeycloakTest {
CloseableHttpClient client = HttpClients.custom().setDefaultCookieStore(cookieStore).build();
try {
+ String redirectUri = URLEncoder.encode(suiteContext.getAuthServerInfo().getContextRoot() + "/auth/admin/master/console", "UTF-8");
+
HttpGet get = new HttpGet(
- suiteContext.getAuthServerInfo().getContextRoot() + "/auth/realms/master/protocol/openid-connect/auth?response_type=code&client_id=" + Constants.ADMIN_CONSOLE_CLIENT_ID);
+ suiteContext.getAuthServerInfo().getContextRoot() + "/auth/realms/master/protocol/openid-connect/auth?response_type=code&client_id=" + Constants.ADMIN_CONSOLE_CLIENT_ID +
+ "&redirect_uri=" + redirectUri);
CloseableHttpResponse response = client.execute(get);
String s = IOUtils.toString(response.getEntity().getContent());
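Review bot: The new `redirectUri` line hard-codes `/auth/admin/master/console` with no comment explaining why the request now carries the parameter. A one-line comment above it, for example `// redirect_uri must be sent explicitly; the auth endpoint no longer falls back to the client's registered URI`, would tie the test to the server-side change. Whether that path matches a redirect registered for `Constants.ADMIN_CONSOLE_CLIENT_ID` cannot be seen from this hunk, so a mismatch would surface only as an error page in the body read into `s`. The charset literal `"UTF-8"` could also be written as `StandardCharsets.UTF_8.name()`. The `try` block continues outside the hunk.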
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java
index 71274a0..853b38b 100755
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/OAuthRedirectUriTest.java
@@ -103,9 +103,9 @@ public class OAuthRedirectUriTest extends AbstractKeycloakTest {
@Test
public void testNoParam() throws IOException {
oauth.redirectUri(null);
- OAuthClient.AuthorizationCodeResponse response = oauth.doLogin("test-user@localhost", "password");
- Assert.assertNotNull(response.getCode());
- assertEquals(oauth.getCurrentRequest(), APP_ROOT + "/auth");
+ oauth.openLoginForm();
+ Assert.assertTrue(errorPage.isCurrent());
+ Assert.assertEquals("Invalid parameter: redirect_uri", errorPage.getError());
}
@Test
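Review bot: `testNoParam` now asserts the error page, but it does not pin the configuration that the removed fallback depended on. The old code supplied a default only when the client had exactly one registered redirect, and it stripped a trailing `/*` from that entry. The number and form of redirects registered for the client used here are not visible in this hunk. If the client has several, this test would also have hit the error path before the change and so does not guard against a regression. Consider adding a case that sets up a client with a single redirect, and one with a single wildcard entry, and asserts `"Invalid parameter: redirect_uri"` for both. A short comment in the test stating that an omitted `redirect_uri` must never produce a code would also record the intent.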