Disregard callback url regex validation when accessurl is configured …

…in the app
wso2-extensions · Dec 3, 2023 · 2ba104b · 2ba104b
1 parent 3080948
commit 2ba104b
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 9 deletions.
diff --git a/...y.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java b/...y.recovery/src/main/java/org/wso2/carbon/identity/recovery/IdentityRecoveryConstants.java
@@ -142,6 +142,7 @@ public class IdentityRecoveryConstants {
     public static final String EXECUTE_ACTION = "ui.execute";
     public static final String UTF_8 = "UTF-8";
     public static final String CALLBACK = "callback";
+    public static final String ACCESS_URL = "accessUrl";
     public static final String IS_LITE_SIGN_UP = "isLiteSignUp";
     public static final String DEFAULT_CALLBACK_REGEX = ".*";
     public static final String IS_USER_PORTAL_URL = "isUserPortalURL";

diff --git a/.../java/org/wso2/carbon/identity/recovery/password/NotificationPasswordRecoveryManager.java b/.../java/org/wso2/carbon/identity/recovery/password/NotificationPasswordRecoveryManager.java
@@ -484,12 +484,16 @@ private HashMap<String, String> buildPropertyMap(Property[] properties) {
     private void validateCallback(Property[] properties, String tenantDomain) throws IdentityRecoveryServerException {
 
         String callbackURL = null;
+        String appAccessURL = null;
         try {
             callbackURL = Utils.getCallbackURL(properties);
-            if (StringUtils.isNotBlank(callbackURL) && !Utils.validateCallbackURL(callbackURL, tenantDomain,
-                    IdentityRecoveryConstants.ConnectorConfig.RECOVERY_CALLBACK_REGEX)) {
-                throw Utils.handleServerException(
-                        IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID, callbackURL);
+            appAccessURL = Utils.getAccessUrl(properties);
+            if (StringUtils.isEmpty(appAccessURL) && !callbackURL.equals(appAccessURL)) {
+                if (StringUtils.isNotBlank(callbackURL) && !Utils.validateCallbackURL(callbackURL, tenantDomain,
+                        IdentityRecoveryConstants.ConnectorConfig.RECOVERY_CALLBACK_REGEX)) {
+                    throw Utils.handleServerException(
+                            IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID, callbackURL);
+                }
             }
         } catch (URISyntaxException | UnsupportedEncodingException | IdentityEventException e) {
             throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID,

diff --git a/...y/src/main/java/org/wso2/carbon/identity/recovery/signup/UserSelfRegistrationManager.java b/...y/src/main/java/org/wso2/carbon/identity/recovery/signup/UserSelfRegistrationManager.java
@@ -97,6 +97,7 @@
 
 import java.io.UnsupportedEncodingException;
 import java.net.MalformedURLException;
+import java.net.URISyntaxException;
 import java.text.SimpleDateFormat;
 import java.time.Instant;
 import java.util.ArrayList;
@@ -153,14 +154,18 @@ public NotificationResponseBean registerUser(User user, String password, Claim[]
 
         // Callback URL validation
         String callbackURL = null;
+        String appAccessUrl = null;
         try {
             callbackURL = Utils.getCallbackURLFromRegistration(properties);
-            if (StringUtils.isNotBlank(callbackURL) && !Utils.validateCallbackURL(callbackURL, tenantDomain,
-                    IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_CALLBACK_REGEX)) {
-                throw Utils.handleServerException(
-                        IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID, callbackURL);
+            appAccessUrl = Utils.getAccessUrl(properties);
+            if (StringUtils.isEmpty(appAccessUrl) && !callbackURL.equals(appAccessUrl)) {
+                if (StringUtils.isNotBlank(callbackURL) && !Utils.validateCallbackURL(callbackURL, tenantDomain,
+                        IdentityRecoveryConstants.ConnectorConfig.SELF_REGISTRATION_CALLBACK_REGEX)) {
+                    throw Utils.handleServerException(
+                            IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID, callbackURL);
+                }
             }
-        } catch (MalformedURLException | UnsupportedEncodingException | IdentityEventException e) {
+        } catch (MalformedURLException | UnsupportedEncodingException | IdentityEventException | URISyntaxException e) {
             throw Utils.handleServerException(IdentityRecoveryConstants.ErrorMessages.ERROR_CODE_CALLBACK_URL_NOT_VALID,
                     callbackURL);
         }

diff --git a/....carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/util/Utils.java b/....carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/util/Utils.java
@@ -719,6 +719,28 @@ public static String getCallbackURL(org.wso2.carbon.identity.recovery.model.Prop
         return callbackURL;
     }
 
+    public static String getAccessUrl(org.wso2.carbon.identity.recovery.model.Property[] properties)
+            throws UnsupportedEncodingException, URISyntaxException {
+
+        if (properties == null) {
+            return null;
+        }
+        String accessURL = null;
+        for (org.wso2.carbon.identity.recovery.model.Property property : properties) {
+            if (IdentityRecoveryConstants.ACCESS_URL.equals(property.getKey())) {
+                accessURL = property.getValue();
+                break;
+            }
+        }
+
+        if (StringUtils.isNotBlank(accessURL)) {
+            URI uri = new URI(accessURL);
+            accessURL = new URI(uri.getScheme(), uri.getAuthority(), uri.getPath(), null, null)
+                    .toString();
+        }
+        return accessURL;
+    }
+
     /**
      * Get whether this is tenant flow
      *