From f9a4b0e0dc3687314ddd542bc71676355525db0f Mon Sep 17 00:00:00 2001
From: Nidhi <nidhi@appsmith.com>
Date: Tue, 1 Jun 2021 13:45:04 +0530
Subject: [PATCH] Fixes failure due to extra spaces in authorization url in
 OAuth2 datasource (#4818)

* Trimmed authorization url

* Using validation instead

* Update app/server/appsmith-plugins/restApiPlugin/src/main/java/com/external/helpers/DatasourceValidator.java

Co-authored-by: Shrikant Sharat Kandula <shrikant@appsmith.com>

* Update app/server/appsmith-plugins/restApiPlugin/src/main/java/com/external/helpers/DatasourceValidator.java

Co-authored-by: Shrikant Sharat Kandula <shrikant@appsmith.com>

Co-authored-by: Shrikant Sharat Kandula <shrikant@appsmith.com>
---
 .../com/external/helpers/DatasourceValidator.java | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/app/server/appsmith-plugins/restApiPlugin/src/main/java/com/external/helpers/DatasourceValidator.java b/app/server/appsmith-plugins/restApiPlugin/src/main/java/com/external/helpers/DatasourceValidator.java
index 8ea8e5c4a4..66358804bc 100644
--- a/app/server/appsmith-plugins/restApiPlugin/src/main/java/com/external/helpers/DatasourceValidator.java
+++ b/app/server/appsmith-plugins/restApiPlugin/src/main/java/com/external/helpers/DatasourceValidator.java
@@ -6,9 +6,17 @@ import org.springframework.util.StringUtils;
 
 import java.util.HashSet;
 import java.util.Set;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 
 public class DatasourceValidator {
 
+    private static final String URL_REGEX =
+            "^https?://" +
+                    "(%[0-9A-Fa-f]{2}|[-()_.!~*';/?:@&=+$,A-Za-z0-9])+$";
+
+    private static final Pattern URL_PATTERN = Pattern.compile(URL_REGEX);
+
     public static Set<String> validateAuthentication(AuthenticationDTO authenticationDTO) {
 
         if (authenticationDTO instanceof OAuth2) {
@@ -44,8 +52,15 @@ public class DatasourceValidator {
 
         if (StringUtils.isEmpty(authenticationDTO.getAuthorizationUrl())) {
             invalids.add("Missing Authorization URL");
+        } else if (!isValidUrl(authenticationDTO.getAuthorizationUrl())) {
+            invalids.add("Invalid Authorization URL");
         }
 
         return invalids;
     }
+
+    private static boolean isValidUrl(String url) {
+        Matcher matcher = URL_PATTERN.matcher(url);
+        return matcher.matches();
+    }
 }