How to add custom scheme as redirect URI for sector URI

By: Michael Suhr user 07 Dec 2021 at 6:02 a.m. CST

8 Responses
Michael Suhr gravatar
Sector URI contains custom scheme like 'test://method' If the uri with custom scheme is used before other URI not redirect URI would be registered and i cannot use OIDC. THis happen because the given URI are parsed with Java 'new URL' which leads to an 'java.net.MalformedURLException: unknown protocol' error. If you then try to add an https redirectUri in UI this will shown as error that the URL is malformed because the sector is checked. Why not use new URI to validate Redirec URI? Or how is the way the add custom schem as redirectUri see: https://github.com/GluuFederation/oxTrust/blob/f7224ef706b0ed6ebd812e809cbe498c68148ac2/server/src/main/java/org/gluu/oxtrust/action/UpdateClientAction.java#L1886
Gluu 4.2.3 CentOS 7.9
closed

Answers

By Mobarak Hosen Shakil staff 26 Jan 2022 at 8:15 p.m. CST

Copy
Mobarak Hosen Shakil gravatar
Hi Michael, If I understood correctly, According to [this](https://gluu.org/docs/gluu-server/4.3/admin-guide/openid-connect/#adding-redirect-uris-to-client), You need to put those url in sector URI. > Please check this answer: https://support.gluu.org/customization/10236/cannot-add-redirect-uri-to-oidc-client/#at74289 > Regards ~ Shakil

By Michael Suhr user 27 Jan 2022 at 3:07 a.m. CST

Copy
Michael Suhr gravatar
Hi, I have configured it with sectorURI but then after update the client an error occurs because the urls are validated and then throw an error.

By Mobarak Hosen Shakil staff 06 Feb 2022 at 5:03 p.m. CST

Copy
Mobarak Hosen Shakil gravatar
what kind of error you are getting? Please share a screenshot. Regards ~ Shakil

By Michael Suhr user 07 Feb 2022 at 2:31 a.m. CST

Copy
Michael Suhr gravatar
Json ``` [ "http://localhost:9090/login/oauth2/code/gluu", "https://example1.org/login/oauth2/code/gluu", "test://method", "mycustomschme://localhost/Application/1.0/login", "https://example2.org/login/oauth2/code/gluu", ] ``` THen try to add: `https://example4.org/login` It sometimes shows that update was successfully but the entry is missing in redirect list after click on Update or it shows `The URL is malformed or blacklisted` with red banner. But this not happen always. [Blacklisted Error](https://drive.google.com/file/d/1a8AmSBWxeWUD6Eqa6RXuf4EkZ9joidMU/view?usp=sharing)
Video or screenshot link

By Mobarak Hosen Shakil staff 09 Feb 2022 at 6 p.m. CST

Copy
Mobarak Hosen Shakil gravatar
Hi Michael, What is happened when you put this `https://example4.org/login` in the sector uri then try to update Open ID Client config? Regards ~ Shakil

By Michael Suhr user 10 Feb 2022 at 1:32 a.m. CST

Copy
Michael Suhr gravatar
Hi there are two behaviours. 1. Update Config shows an error that the URL is blacklisted or invalid 2. Message shows that Client was updated but the new entry (https://example4.org/login) is removed

By Mobarak Hosen Shakil staff 12 Feb 2022 at 12:18 a.m. CST

Copy
Mobarak Hosen Shakil gravatar
Hi Michael, There is an alternative way to ignore the `blacklisted` issue. Find `clientWhiteList` in **`JSON Configuration > OxTrust Configuration`**, Then add those you URL in that list. Please see attached image file to better understand. Regards ~ Shakil
Screenshot_from_2022-02-12_00-11-52.png

By Michael Suhr user 18 Feb 2022 at 2:50 a.m. CST

Copy
Michael Suhr gravatar
Thanks. i try this. But this happens only if custom schemas are used. The problem is the check wit `new URL` instead with `new URI` But thanks for info for whitelist clients.

Post an answer