From 8ce38159f0fbe5dd3e46109352a321643c46727c Mon Sep 17 00:00:00 2001
From: shimingxy <shimingxy@qq.com>
Date: Sun, 28 Apr 2024 17:00:02 +0800
Subject: [PATCH] URLDecoder

---
 .../provider/endpoint/AuthorizationEndpoint.java   | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java
index ca3cae3a6..2cfb96efd 100644
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java
@@ -13,7 +13,10 @@
 
 package org.dromara.maxkey.authz.oauth2.provider.endpoint;
 
+import java.io.UnsupportedEncodingException;
 import java.net.URI;
+import java.net.URLDecoder;
+import java.net.URLEncoder;
 import java.security.Principal;
 import java.util.Date;
 import java.util.HashMap;
@@ -126,8 +129,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
         try {
             authorizationUrl = String.format(OAUTH_V20_AUTHORIZATION_URL, 
                             clientDetails.getClientId(), 
-                            HttpEncoder.encode(clientDetails.getRegisteredRedirectUri().toArray()[0].toString())
-                    );
+                            URLEncoder.encode(clientDetails.getRegisteredRedirectUri().toArray()[0].toString(),"UTF-8"));
         } catch (Exception e) {
             e.printStackTrace();
         }
@@ -177,6 +179,8 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 			// The resolved redirect URI is either the redirect_uri from the parameters or the one from
 			// clientDetails. Either way we need to store it on the AuthorizationRequest.
 			String redirectUriParameter = authorizationRequest.getRequestParameters().get(OAuth2Constants.PARAMETER.REDIRECT_URI);
+			//URLDecoder for redirect_uri
+			redirectUriParameter = URLDecoder.decode(redirectUriParameter,"UTF-8");
 			String resolvedRedirect = redirectResolver.resolveRedirect(redirectUriParameter, client);
 			if (!StringUtils.hasText(resolvedRedirect)) {
 				logger.info("Client redirectUri "+resolvedRedirect);
@@ -223,8 +227,10 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
             
 			return getUserApprovalPageResponse(model, authorizationRequest, (Authentication) principal);
 
-		}
-		catch (RuntimeException e) {
+		}catch(UnsupportedEncodingException e) {
+			logger.info("URLDecoder Exception ",e);
+			throw new RuntimeException("URLDecoder UnsupportedEncodingException");
+		}catch (RuntimeException e) {
 			sessionStatus.setComplete();
 			throw e;
 		}