private static String verifyRedirectUri( UriInfo uriInfo, String rootUrl, String redirectUri, RealmModel realm, Set<String> validRedirects) { if (redirectUri == null) { logger.debug("No Redirect URI parameter specified"); return null; } else if (validRedirects.isEmpty()) { logger.debug("No Redirect URIs supplied"); redirectUri = null; } else { redirectUri = lowerCaseHostname(redirectUri); String r = redirectUri; Set<String> resolveValidRedirects = resolveValidRedirects(uriInfo, rootUrl, validRedirects); boolean valid = matchesRedirects(resolveValidRedirects, r); if (!valid && r.startsWith(Constants.INSTALLED_APP_URL) && r.indexOf(':', Constants.INSTALLED_APP_URL.length()) >= 0) { int i = r.indexOf(':', Constants.INSTALLED_APP_URL.length()); StringBuilder sb = new StringBuilder(); sb.append(r.substring(0, i)); i = r.indexOf('/', i); if (i >= 0) { sb.append(r.substring(i)); } r = sb.toString(); valid = matchesRedirects(resolveValidRedirects, r); } if (valid && redirectUri.startsWith("/")) { redirectUri = relativeToAbsoluteURI(uriInfo, rootUrl, redirectUri); } redirectUri = valid ? redirectUri : null; } if (Constants.INSTALLED_APP_URN.equals(redirectUri)) { return Urls.realmInstalledAppUrnCallback(uriInfo.getBaseUri(), realm.getName()).toString(); } else { return redirectUri; } }