diff --git a/Jenkinsfile b/Jenkinsfile
index 6e8c8b2b..d8d60af5 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -1,4 +1,8 @@
buildPlugin(useContainerAgent: true,
- // Opt-in to the Artifact Caching Proxy, to be removed when it will be in opt-out.
- // See https://github.com/jenkins-infra/helpdesk/issues/2752 for more details and updates.
- artifactCachingProxyEnabled: true)
+ // Opt-in to the Artifact Caching Proxy, to be removed when it will be in opt-out.
+ // See https://github.com/jenkins-infra/helpdesk/issues/2752 for more details and updates.
+ artifactCachingProxyEnabled: true,
+ configurations: [
+ [platform: 'linux', jdk: 17],
+ [platform: 'windows', jdk: 11],
+ ])
diff --git a/pom.xml b/pom.xml
index a4e82fc4..d582935f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -3,7 +3,7 @@
org.jenkins-ci.plugins
plugin
- 4.51
+ 4.78
@@ -11,7 +11,7 @@
2.7
-SNAPSHOT
jenkinsci/oic-auth-plugin
- 2.346.1
+ 2.361
true
Max
1569.vb_72405b_80249
diff --git a/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java b/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java
index 4db90324..193f7ecc 100644
--- a/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java
+++ b/src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java
@@ -62,6 +62,7 @@
import java.io.UnsupportedEncodingException;
import java.lang.reflect.Field;
import java.net.MalformedURLException;
+import java.net.URI;
import java.net.URL;
import java.net.URLEncoder;
import java.nio.charset.Charset;
@@ -734,7 +735,7 @@ protected String getValidRedirectUrl(String url) {
if (url != null && !url.isEmpty()) {
// Check if the URL is relative and starts with a slash
if (url.startsWith("/")) {
- return getRootUrl() + url; // Convert to absolute URL
+ return URI.create(getRootUrl() + url).normalize().toString();
}
// If not relative, then check if it's a valid absolute URL
try {
diff --git a/src/test/java/org/jenkinsci/plugins/oic/EscapeHatchCrumbExclusionTest.java b/src/test/java/org/jenkinsci/plugins/oic/EscapeHatchCrumbExclusionTest.java
index 1330a3b7..3d8d97e1 100644
--- a/src/test/java/org/jenkinsci/plugins/oic/EscapeHatchCrumbExclusionTest.java
+++ b/src/test/java/org/jenkinsci/plugins/oic/EscapeHatchCrumbExclusionTest.java
@@ -19,6 +19,15 @@ public class EscapeHatchCrumbExclusionTest {
private FilterChain chain = null;
+ private Request newRequestWithPath(String requestPath) {
+ return new Request(null, null) {
+ @Override
+ public String getPathInfo() {
+ return requestPath;
+ }
+ };
+ }
+
@Test
public void process_WithNullPath() throws IOException, ServletException {
Request request = new Request(null, null);
@@ -27,8 +36,7 @@ public void process_WithNullPath() throws IOException, ServletException {
@Test
public void process_WithWrongPath() throws IOException, ServletException {
- Request request = new Request(null, null);
- request.setPathInfo("fictionalPath");
+ Request request = newRequestWithPath("fictionalPath");
assertFalse(crumb.process(request, response, chain));
}
@@ -41,8 +49,7 @@ public void doFilter(ServletRequest arg0, ServletResponse arg1) throws IOExcepti
}
};
- Request request = new Request(null, null);
- request.setPathInfo("/securityRealm/escapeHatch");
+ Request request = newRequestWithPath("/securityRealm/escapeHatch");
assertTrue(crumb.process(request, response, chain));
}
}
diff --git a/src/test/java/org/jenkinsci/plugins/oic/OicSecurityRealmTest.java b/src/test/java/org/jenkinsci/plugins/oic/OicSecurityRealmTest.java
index 58d6996e..35542238 100644
--- a/src/test/java/org/jenkinsci/plugins/oic/OicSecurityRealmTest.java
+++ b/src/test/java/org/jenkinsci/plugins/oic/OicSecurityRealmTest.java
@@ -4,8 +4,6 @@
import com.github.tomakehurst.wiremock.junit.WireMockRule;
import hudson.util.Secret;
import java.io.IOException;
-import java.net.MalformedURLException;
-
import org.acegisecurity.AuthenticationManager;
import org.acegisecurity.BadCredentialsException;
import org.acegisecurity.GrantedAuthority;
@@ -18,7 +16,6 @@
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertThrows;
public class OicSecurityRealmTest {
@@ -89,7 +86,7 @@ public void testShouldSetNullClientSecretWhenSecretIsNone() throws IOException {
@Test
public void testGetValidRedirectUrl() throws IOException {
- String rootUrl = "http://localhost:" + wireMockRule.port() + "/jenkins/";
+ String rootUrl = jenkinsRule.jenkins.getRootUrl();
TestRealm realm = new TestRealm.Builder(wireMockRule)
.WithMinimalDefaults().build();
@@ -97,6 +94,16 @@ public void testGetValidRedirectUrl() throws IOException {
assertEquals(rootUrl + "bar", realm.getValidRedirectUrl(rootUrl + "bar"));
assertEquals(rootUrl, realm.getValidRedirectUrl(null));
assertEquals(rootUrl, realm.getValidRedirectUrl(""));
- assertThrows(MalformedURLException.class, () -> realm.getValidRedirectUrl("foobar"));
+ assertEquals(rootUrl, realm.getValidRedirectUrl("foobar"));
+ }
+
+ @Test
+ public void testShouldReturnRootUrlWhenRedirectUrlIsInvalid() throws IOException {
+ String rootUrl = jenkinsRule.jenkins.getRootUrl();
+
+ TestRealm realm = new TestRealm.Builder(wireMockRule)
+ .WithMinimalDefaults().build();
+ assertEquals(rootUrl, realm.getValidRedirectUrl("foobar"));
+ assertEquals(rootUrl, realm.getValidRedirectUrl("https://another-host/"));
}
}