From 3f57af573ce5a50c4ab532ebd1dc049f11d695dc Mon Sep 17 00:00:00 2001
From: Rijcken Erik <erik.rijcken@infrabel.be>
Date: Tue, 24 Dec 2024 11:13:57 +0100
Subject: [PATCH] Use path of the redirect URI

---
 .../aad/msal4j/AcquireTokenByInteractiveFlowSupplier.java | 3 ++-
 .../aad/msal4j/AuthorizationResponseHandler.java          | 8 ++++++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AcquireTokenByInteractiveFlowSupplier.java b/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AcquireTokenByInteractiveFlowSupplier.java
index edaf00fb..9b171add 100644
--- a/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AcquireTokenByInteractiveFlowSupplier.java
+++ b/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AcquireTokenByInteractiveFlowSupplier.java
@@ -59,7 +59,8 @@ private AuthorizationResult getAuthorizationResult() {
             AuthorizationResponseHandler authorizationResponseHandler =
                     new AuthorizationResponseHandler(
                             authorizationResultQueue,
-                            systemBrowserOptions);
+                            systemBrowserOptions,
+                            interactiveRequest.interactiveRequestParameters().redirectUri());
 
             startHttpListener(authorizationResponseHandler);
 
diff --git a/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AuthorizationResponseHandler.java b/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AuthorizationResponseHandler.java
index 25dfdda7..ae6b2a5d 100644
--- a/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AuthorizationResponseHandler.java
+++ b/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AuthorizationResponseHandler.java
@@ -15,6 +15,7 @@
 import java.io.IOException;
 import java.io.InputStreamReader;
 import java.io.OutputStream;
+import java.net.URI;
 import java.util.concurrent.BlockingQueue;
 import java.util.stream.Collectors;
 
@@ -34,17 +35,20 @@ class AuthorizationResponseHandler implements HttpHandler {
 
     private BlockingQueue<AuthorizationResult> authorizationResultQueue;
     private SystemBrowserOptions systemBrowserOptions;
+    private URI redirectUri;
 
     AuthorizationResponseHandler(BlockingQueue<AuthorizationResult> authorizationResultQueue,
-                                 SystemBrowserOptions systemBrowserOptions) {
+                                 SystemBrowserOptions systemBrowserOptions, URI redirectUri) {
         this.authorizationResultQueue = authorizationResultQueue;
         this.systemBrowserOptions = systemBrowserOptions;
+        this.redirectUri = redirectUri;
     }
 
     @Override
     public void handle(HttpExchange httpExchange) throws IOException {
         try {
-            if (!httpExchange.getRequestURI().getPath().equalsIgnoreCase("/")) {
+            String expectedPath = redirectUri.getPath().isEmpty() ? "/" : redirectUri.getPath();
+            if (!httpExchange.getRequestURI().getPath().equalsIgnoreCase(expectedPath)) {
                 httpExchange.sendResponseHeaders(200, 0);
                 return;
             }