Nov 27th, 2012, 09:58 AM
getting the "redirect_uri" within the login page
My question is related to oAuth, but I think that it is relevant not only to oAuth but to general Spring Security.
In my implementation (of OAuth), I have a login page that lets a non-registered user to create an account.
From my login page, the user clicks "create account". After a user successfully creates an account, I send him a verification email, which supposed to both activate his account as well as redirect him to the page he initially wanted to get to. In oAuth, when a user tries to get to a protected resource, he is redirected to the oAuth mechanism, and one of the params is the "redirect-uri", so after authenticating the oAuth-server knows where to send the client to. Unfortunately, I did not find the way to get the "redirect-uri" within the login page, so I cannot pass it as a param to the "create account" flow. (Meaning, once I left the login page, I do not know the "redirect-uri").
NOT RELATED TO OAUTH: I saw that the ExceptionTranslationFilter calls the LoginUrlAuthenticationEntryPoint.commence(). There, in the request, I DO see the "redirect-uri" which is an attribute of the request; but it is not passed to the login form itself...
Is there a way to get the redirect-uri within the login form?