ClientRegistration.redirectUri -> redirectUriTemplate

Fixes gh-4827

config/src/main/java/org/springframework/security/config/oauth2/client/CommonOAuth2Provider.java

@@ -100,7 +100,7 @@ public enum CommonOAuth2Provider {
 		ClientRegistration.Builder builder = ClientRegistration.withRegistrationId(registrationId);
 		builder.clientAuthenticationMethod(method);
 		builder.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE);
-		builder.redirectUri(redirectUri);
+		builder.redirectUriTemplate(redirectUri);
 		return builder;
 	}
 

config/src/test/java/org/springframework/security/config/oauth2/client/CommonOAuth2ProviderTests.java

@@ -51,7 +51,7 @@ public class CommonOAuth2ProviderTests {
 			.isEqualTo(ClientAuthenticationMethod.BASIC);
 		assertThat(registration.getAuthorizationGrantType())
 			.isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE);
-		assertThat(registration.getRedirectUri()).isEqualTo(DEFAULT_LOGIN_REDIRECT_URL);
+		assertThat(registration.getRedirectUriTemplate()).isEqualTo(DEFAULT_LOGIN_REDIRECT_URL);
 		assertThat(registration.getScopes()).containsOnly("openid", "profile", "email",
 			"address", "phone");
 		assertThat(registration.getClientName()).isEqualTo("Google");
@@ -75,7 +75,7 @@ public class CommonOAuth2ProviderTests {
 			.isEqualTo(ClientAuthenticationMethod.BASIC);
 		assertThat(registration.getAuthorizationGrantType())
 			.isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE);
-		assertThat(registration.getRedirectUri()).isEqualTo(DEFAULT_LOGIN_REDIRECT_URL);
+		assertThat(registration.getRedirectUriTemplate()).isEqualTo(DEFAULT_LOGIN_REDIRECT_URL);
 		assertThat(registration.getScopes()).containsOnly("user");
 		assertThat(registration.getClientName()).isEqualTo("GitHub");
 		assertThat(registration.getRegistrationId()).isEqualTo("123");
@@ -98,7 +98,7 @@ public class CommonOAuth2ProviderTests {
 			.isEqualTo(ClientAuthenticationMethod.POST);
 		assertThat(registration.getAuthorizationGrantType())
 			.isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE);
-		assertThat(registration.getRedirectUri()).isEqualTo(DEFAULT_LOGIN_REDIRECT_URL);
+		assertThat(registration.getRedirectUriTemplate()).isEqualTo(DEFAULT_LOGIN_REDIRECT_URL);
 		assertThat(registration.getScopes()).containsOnly("public_profile", "email");
 		assertThat(registration.getClientName()).isEqualTo("Facebook");
 		assertThat(registration.getRegistrationId()).isEqualTo("123");
@@ -123,7 +123,7 @@ public class CommonOAuth2ProviderTests {
 			.isEqualTo(ClientAuthenticationMethod.BASIC);
 		assertThat(registration.getAuthorizationGrantType())
 			.isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE);
-		assertThat(registration.getRedirectUri()).isEqualTo(DEFAULT_LOGIN_REDIRECT_URL);
+		assertThat(registration.getRedirectUriTemplate()).isEqualTo(DEFAULT_LOGIN_REDIRECT_URL);
 		assertThat(registration.getScopes()).containsOnly("openid", "profile", "email",
 			"address", "phone");
 		assertThat(registration.getClientName()).isEqualTo("Okta");

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java

@@ -38,7 +38,7 @@ public final class ClientRegistration {
 	private String clientSecret;
 	private ClientAuthenticationMethod clientAuthenticationMethod = ClientAuthenticationMethod.BASIC;
 	private AuthorizationGrantType authorizationGrantType;
-	private String redirectUri;
+	private String redirectUriTemplate;
 	private Set<String> scopes = Collections.emptySet();
 	private ProviderDetails providerDetails = new ProviderDetails();
 	private String clientName;
@@ -66,8 +66,8 @@ public final class ClientRegistration {
 		return this.authorizationGrantType;
 	}
 
-	public String getRedirectUri() {
-		return this.redirectUri;
+	public String getRedirectUriTemplate() {
+		return this.redirectUriTemplate;
 	}
 
 	public Set<String> getScopes() {
@@ -90,7 +90,7 @@ public final class ClientRegistration {
 			+ ", clientSecret='" + this.clientSecret + '\''
 			+ ", clientAuthenticationMethod=" + this.clientAuthenticationMethod
 			+ ", authorizationGrantType=" + this.authorizationGrantType
-			+ ", redirectUri='" + this.redirectUri + '\''
+			+ ", redirectUriTemplate='" + this.redirectUriTemplate + '\''
 			+ ", scopes=" + this.scopes
 			+ ", providerDetails=" + this.providerDetails
 			+ ", clientName='" + this.clientName
@@ -150,7 +150,7 @@ public final class ClientRegistration {
 		private String clientSecret;
 		private ClientAuthenticationMethod clientAuthenticationMethod = ClientAuthenticationMethod.BASIC;
 		private AuthorizationGrantType authorizationGrantType;
-		private String redirectUri;
+		private String redirectUriTemplate;
 		private Set<String> scopes;
 		private String authorizationUri;
 		private String tokenUri;
@@ -183,8 +183,8 @@ public final class ClientRegistration {
 			return this;
 		}
 
-		public Builder redirectUri(String redirectUri) {
-			this.redirectUri = redirectUri;
+		public Builder redirectUriTemplate(String redirectUriTemplate) {
+			this.redirectUriTemplate = redirectUriTemplate;
 			return this;
 		}
 
@@ -244,7 +244,7 @@ public final class ClientRegistration {
 			clientRegistration.clientSecret = this.clientSecret;
 			clientRegistration.clientAuthenticationMethod = this.clientAuthenticationMethod;
 			clientRegistration.authorizationGrantType = this.authorizationGrantType;
-			clientRegistration.redirectUri = this.redirectUri;
+			clientRegistration.redirectUriTemplate = this.redirectUriTemplate;
 			clientRegistration.scopes = this.scopes;
 
 			ProviderDetails providerDetails = clientRegistration.new ProviderDetails();
@@ -267,7 +267,7 @@ public final class ClientRegistration {
 			Assert.hasText(this.clientId, "clientId cannot be empty");
 			Assert.hasText(this.clientSecret, "clientSecret cannot be empty");
 			Assert.notNull(this.clientAuthenticationMethod, "clientAuthenticationMethod cannot be null");
-			Assert.hasText(this.redirectUri, "redirectUri cannot be empty");
+			Assert.hasText(this.redirectUriTemplate, "redirectUriTemplate cannot be empty");
 			Assert.notEmpty(this.scopes, "scopes cannot be empty");
 			Assert.hasText(this.authorizationUri, "authorizationUri cannot be empty");
 			Assert.hasText(this.tokenUri, "tokenUri cannot be empty");
@@ -283,7 +283,7 @@ public final class ClientRegistration {
 				"authorizationGrantType must be " + AuthorizationGrantType.IMPLICIT.getValue());
 			Assert.hasText(this.registrationId, "registrationId cannot be empty");
 			Assert.hasText(this.clientId, "clientId cannot be empty");
-			Assert.hasText(this.redirectUri, "redirectUri cannot be empty");
+			Assert.hasText(this.redirectUriTemplate, "redirectUriTemplate cannot be empty");
 			Assert.notEmpty(this.scopes, "scopes cannot be empty");
 			Assert.hasText(this.authorizationUri, "authorizationUri cannot be empty");
 			Assert.hasText(this.clientName, "clientName cannot be empty");

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java

@@ -180,7 +180,7 @@ public class OAuth2AuthorizationRequestRedirectFilter extends OncePerRequestFilt
 			.toUriString();
 		uriVariables.put("baseUrl", baseUrl);
 
-		return UriComponentsBuilder.fromUriString(clientRegistration.getRedirectUri())
+		return UriComponentsBuilder.fromUriString(clientRegistration.getRedirectUriTemplate())
 			.buildAndExpand(uriVariables)
 			.toUriString();
 	}

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientServiceTests.java

@@ -45,7 +45,7 @@ public class InMemoryOAuth2AuthorizedClientServiceTests {
 		.clientSecret("secret")
 		.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 		.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-		.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
+		.redirectUriTemplate("{baseUrl}/login/oauth2/code/{registrationId}")
 		.scope("user")
 		.authorizationUri("https://provider.com/oauth2/authorize")
 		.tokenUri("https://provider.com/oauth2/token")
@@ -59,7 +59,7 @@ public class InMemoryOAuth2AuthorizedClientServiceTests {
 		.clientSecret("secret")
 		.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 		.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-		.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
+		.redirectUriTemplate("{baseUrl}/login/oauth2/code/{registrationId}")
 		.scope("openid", "profile", "email")
 		.authorizationUri("https://provider.com/oauth2/authorize")
 		.tokenUri("https://provider.com/oauth2/token")
@@ -73,7 +73,7 @@ public class InMemoryOAuth2AuthorizedClientServiceTests {
 		.clientSecret("secret")
 		.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 		.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-		.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
+		.redirectUriTemplate("{baseUrl}/login/oauth2/code/{registrationId}")
 		.scope("openid", "profile")
 		.authorizationUri("https://provider.com/oauth2/authorize")
 		.tokenUri("https://provider.com/oauth2/token")

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/NimbusAuthorizationCodeTokenResponseClientTests.java

@@ -125,7 +125,7 @@ public class NimbusAuthorizationCodeTokenResponseClientTests {
 		this.exception.expect(IllegalArgumentException.class);
 
 		String redirectUri = "http:\\example.com";
-		when(this.clientRegistration.getRedirectUri()).thenReturn(redirectUri);
+		when(this.clientRegistration.getRedirectUriTemplate()).thenReturn(redirectUri);
 
 		this.tokenResponseClient.getTokenResponse(
 			new OAuth2AuthorizationCodeGrantRequest(this.clientRegistration, this.authorizationExchange));

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationTests.java

@@ -48,7 +48,7 @@ public class ClientRegistrationTests {
 			.clientSecret(CLIENT_SECRET)
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(null)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.tokenUri(TOKEN_URI)
@@ -64,7 +64,7 @@ public class ClientRegistrationTests {
 			.clientSecret(CLIENT_SECRET)
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.tokenUri(TOKEN_URI)
@@ -77,7 +77,7 @@ public class ClientRegistrationTests {
 		assertThat(registration.getClientSecret()).isEqualTo(CLIENT_SECRET);
 		assertThat(registration.getClientAuthenticationMethod()).isEqualTo(ClientAuthenticationMethod.BASIC);
 		assertThat(registration.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE);
-		assertThat(registration.getRedirectUri()).isEqualTo(REDIRECT_URI);
+		assertThat(registration.getRedirectUriTemplate()).isEqualTo(REDIRECT_URI);
 		assertThat(registration.getScopes()).isEqualTo(SCOPES);
 		assertThat(registration.getProviderDetails().getAuthorizationUri()).isEqualTo(AUTHORIZATION_URI);
 		assertThat(registration.getProviderDetails().getTokenUri()).isEqualTo(TOKEN_URI);
@@ -92,7 +92,7 @@ public class ClientRegistrationTests {
 			.clientSecret(CLIENT_SECRET)
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.tokenUri(TOKEN_URI)
@@ -108,7 +108,7 @@ public class ClientRegistrationTests {
 			.clientSecret(CLIENT_SECRET)
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.tokenUri(TOKEN_URI)
@@ -124,7 +124,7 @@ public class ClientRegistrationTests {
 			.clientSecret(null)
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.tokenUri(TOKEN_URI)
@@ -140,7 +140,7 @@ public class ClientRegistrationTests {
 			.clientSecret(CLIENT_SECRET)
 			.clientAuthenticationMethod(null)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.tokenUri(TOKEN_URI)
@@ -156,7 +156,7 @@ public class ClientRegistrationTests {
 			.clientSecret(CLIENT_SECRET)
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri(null)
+			.redirectUriTemplate(null)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.tokenUri(TOKEN_URI)
@@ -172,7 +172,7 @@ public class ClientRegistrationTests {
 			.clientSecret(CLIENT_SECRET)
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(null)
 			.authorizationUri(AUTHORIZATION_URI)
 			.tokenUri(TOKEN_URI)
@@ -188,7 +188,7 @@ public class ClientRegistrationTests {
 			.clientSecret(CLIENT_SECRET)
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(null)
 			.tokenUri(TOKEN_URI)
@@ -204,7 +204,7 @@ public class ClientRegistrationTests {
 			.clientSecret(CLIENT_SECRET)
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.tokenUri(null)
@@ -220,7 +220,7 @@ public class ClientRegistrationTests {
 			.clientSecret(CLIENT_SECRET)
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.tokenUri(TOKEN_URI)
@@ -236,7 +236,7 @@ public class ClientRegistrationTests {
 			.clientSecret(CLIENT_SECRET)
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.tokenUri(TOKEN_URI)
@@ -252,7 +252,7 @@ public class ClientRegistrationTests {
 			.clientSecret(CLIENT_SECRET)
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope("scope1")
 			.authorizationUri(AUTHORIZATION_URI)
 			.tokenUri(TOKEN_URI)
@@ -265,7 +265,7 @@ public class ClientRegistrationTests {
 		ClientRegistration registration = ClientRegistration.withRegistrationId(REGISTRATION_ID)
 			.clientId(CLIENT_ID)
 			.authorizationGrantType(AuthorizationGrantType.IMPLICIT)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.clientName(CLIENT_NAME)
@@ -274,7 +274,7 @@ public class ClientRegistrationTests {
 		assertThat(registration.getRegistrationId()).isEqualTo(REGISTRATION_ID);
 		assertThat(registration.getClientId()).isEqualTo(CLIENT_ID);
 		assertThat(registration.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.IMPLICIT);
-		assertThat(registration.getRedirectUri()).isEqualTo(REDIRECT_URI);
+		assertThat(registration.getRedirectUriTemplate()).isEqualTo(REDIRECT_URI);
 		assertThat(registration.getScopes()).isEqualTo(SCOPES);
 		assertThat(registration.getProviderDetails().getAuthorizationUri()).isEqualTo(AUTHORIZATION_URI);
 		assertThat(registration.getClientName()).isEqualTo(CLIENT_NAME);
@@ -285,7 +285,7 @@ public class ClientRegistrationTests {
 		ClientRegistration.withRegistrationId(null)
 			.clientId(CLIENT_ID)
 			.authorizationGrantType(AuthorizationGrantType.IMPLICIT)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.clientName(CLIENT_NAME)
@@ -297,7 +297,7 @@ public class ClientRegistrationTests {
 		ClientRegistration.withRegistrationId(REGISTRATION_ID)
 			.clientId(null)
 			.authorizationGrantType(AuthorizationGrantType.IMPLICIT)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.clientName(CLIENT_NAME)
@@ -309,7 +309,7 @@ public class ClientRegistrationTests {
 		ClientRegistration.withRegistrationId(REGISTRATION_ID)
 			.clientId(CLIENT_ID)
 			.authorizationGrantType(AuthorizationGrantType.IMPLICIT)
-			.redirectUri(null)
+			.redirectUriTemplate(null)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.clientName(CLIENT_NAME)
@@ -321,7 +321,7 @@ public class ClientRegistrationTests {
 		ClientRegistration.withRegistrationId(REGISTRATION_ID)
 			.clientId(CLIENT_ID)
 			.authorizationGrantType(AuthorizationGrantType.IMPLICIT)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(null)
 			.authorizationUri(AUTHORIZATION_URI)
 			.clientName(CLIENT_NAME)
@@ -333,7 +333,7 @@ public class ClientRegistrationTests {
 		ClientRegistration.withRegistrationId(REGISTRATION_ID)
 			.clientId(CLIENT_ID)
 			.authorizationGrantType(AuthorizationGrantType.IMPLICIT)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(null)
 			.clientName(CLIENT_NAME)
@@ -345,7 +345,7 @@ public class ClientRegistrationTests {
 		ClientRegistration.withRegistrationId(REGISTRATION_ID)
 			.clientId(CLIENT_ID)
 			.authorizationGrantType(AuthorizationGrantType.IMPLICIT)
-			.redirectUri(REDIRECT_URI)
+			.redirectUriTemplate(REDIRECT_URI)
 			.scope(SCOPES.toArray(new String[0]))
 			.authorizationUri(AUTHORIZATION_URI)
 			.clientName(null)

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/InMemoryClientRegistrationRepositoryTests.java

@@ -40,7 +40,7 @@ public class InMemoryClientRegistrationRepositoryTests {
 		.clientId("client-id")
 		.clientName("client-name")
 		.clientSecret("client-secret")
-		.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
+		.redirectUriTemplate("{baseUrl}/login/oauth2/code/{registrationId}")
 		.scope("user")
 		.tokenUri("https://example.com/oauth/access_token")
 		.build();

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilterTests.java

@@ -56,7 +56,7 @@ public class OAuth2AuthorizationRequestRedirectFilterTests {
 			.clientSecret("secret")
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
+			.redirectUriTemplate("{baseUrl}/login/oauth2/code/{registrationId}")
 			.scope("user")
 			.authorizationUri("https://provider.com/oauth2/authorize")
 			.tokenUri("https://provider.com/oauth2/token")
@@ -69,7 +69,7 @@ public class OAuth2AuthorizationRequestRedirectFilterTests {
 			.clientSecret("secret")
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
+			.redirectUriTemplate("{baseUrl}/login/oauth2/code/{registrationId}")
 			.scope("openid", "profile", "email")
 			.authorizationUri("https://provider.com/oauth2/authorize")
 			.tokenUri("https://provider.com/oauth2/token")
@@ -80,7 +80,7 @@ public class OAuth2AuthorizationRequestRedirectFilterTests {
 		this.registration3 = ClientRegistration.withRegistrationId("registration-3")
 			.clientId("client-3")
 			.authorizationGrantType(AuthorizationGrantType.IMPLICIT)
-			.redirectUri("{baseUrl}/login/oauth2/implicit/{registrationId}")
+			.redirectUriTemplate("{baseUrl}/login/oauth2/implicit/{registrationId}")
 			.scope("openid", "profile", "email")
 			.authorizationUri("https://provider.com/oauth2/authorize")
 			.tokenUri("https://provider.com/oauth2/token")
@@ -266,7 +266,7 @@ public class OAuth2AuthorizationRequestRedirectFilterTests {
 		OAuth2AuthorizationRequest authorizationRequest = authorizationRequestRepository.loadAuthorizationRequest(request);
 
 		assertThat(authorizationRequest.getRedirectUri()).isNotEqualTo(
-			this.registration2.getRedirectUri());
+			this.registration2.getRedirectUriTemplate());
 		assertThat(authorizationRequest.getRedirectUri()).isEqualTo(
 			"http://localhost:80/login/oauth2/code/registration-2");
 	}

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilterTests.java

@@ -82,7 +82,7 @@ public class OAuth2LoginAuthenticationFilterTests {
 			.clientSecret("secret")
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
+			.redirectUriTemplate("{baseUrl}/login/oauth2/code/{registrationId}")
 			.scope("user")
 			.authorizationUri("https://provider.com/oauth2/authorize")
 			.tokenUri("https://provider.com/oauth2/token")
@@ -95,7 +95,7 @@ public class OAuth2LoginAuthenticationFilterTests {
 			.clientSecret("secret")
 			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
-			.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
+			.redirectUriTemplate("{baseUrl}/login/oauth2/code/{registrationId}")
 			.scope("openid", "profile", "email")
 			.authorizationUri("https://provider.com/oauth2/authorize")
 			.tokenUri("https://provider.com/oauth2/token")