Improve extractScopesFromURL() method.

wso2-extensions · Apr 6, 2024 · 1bfe9d9 · 1bfe9d9
1 parent 8598f8b
commit 1bfe9d9
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 5 deletions.
diff --git a/...a/org/wso2/carbon/identity/application/authenticator/oidc/OIDCAuthenticatorConstants.java b/...a/org/wso2/carbon/identity/application/authenticator/oidc/OIDCAuthenticatorConstants.java
@@ -81,6 +81,7 @@ private OIDCAuthenticatorConstants() {
     public static final String SCOPE_PARAM_SUFFIX = "_scope_param";
     public static final String REDIRECTION_PROMPT = "REDIRECTION_PROMPT";
     public static final String SCOPE = "scope";
+    public static final String QUESTION_SIGN = "\\?";
     public static final String AMPERSAND_SIGN = "&";
     public static final String EQUAL_SIGN = "=";
 

diff --git a/...a/org/wso2/carbon/identity/application/authenticator/oidc/OpenIDConnectAuthenticator.java b/...a/org/wso2/carbon/identity/application/authenticator/oidc/OpenIDConnectAuthenticator.java
@@ -2077,11 +2077,14 @@ protected Map<String, String> getApplicationDetails(AuthenticationContext contex
     protected String extractScopesFromURL(String url) throws UnsupportedEncodingException {
 
         if (StringUtils.isNotBlank(url)) {
-            String[] params = url.split(OIDCAuthenticatorConstants.AMPERSAND_SIGN);
-            for (String param : params) {
-                String[] keyValue = param.split(OIDCAuthenticatorConstants.EQUAL_SIGN);
-                if (keyValue.length >= 2 && OAuthConstants.OAuth20Params.SCOPE.equals(keyValue[0])) {
-                    return URLDecoder.decode(param, FrameworkUtils.UTF_8);
+            String[] splitUrl = url.split(OIDCAuthenticatorConstants.QUESTION_SIGN, 2);
+            if (splitUrl.length == 2) {
+                String[] params = splitUrl[1].split(OIDCAuthenticatorConstants.AMPERSAND_SIGN);
+                for (String param : params) {
+                    String[] keyValue = param.split(OIDCAuthenticatorConstants.EQUAL_SIGN, 2);
+                    if (keyValue.length == 2 && OAuthConstants.OAuth20Params.SCOPE.equals(keyValue[0])) {
+                        return URLDecoder.decode(keyValue[1], FrameworkUtils.UTF_8);
+                    }
                 }
             }
         }