This repository has been archived by the owner on Dec 13, 2022. It is now read-only.

OpenID : GET method should be used on User Information Endpoint instead of POST #10044

Open
fixlair opened this issue Aug 2, 2021 · 1 comment


fixlair commented Aug 2, 2021

BUG REPORT INFORMATION

Centreon Versions
Tested on the latest 20.10.10 version, but I checked the latest 21.04.x code and it seems to be present there too.

Steps to Reproduce

When trying to connect using OpenID in Centreon, it fails with some IDPs when getting UserInfo, as the request is a POST and a GET is expected.

Describe the received result

The IDP we use sends us an error, as Centreon requests the /userinfo endpoint with the POST method and only the GET method is allowed.
I also checked Keycloak; it seems to prefer GET as well (but it is less strict and accepts POST).

Additional relevant information (e.g. frequency, ...)

The latest OpenID documentation specifies (https://openid.net/specs/openid-connect-basic-1_0.html#UserInfoRequest):

The request SHOULD use the HTTP GET method and the Access Token SHOULD be sent using the Authorization header field.

https://github.com/centreon/centreon/blob/2caa01bc77eb21ccf2fb53103feeadf61f0746af/www/class/centreonAuth.SSO.class.php#L482-L490

Thanks !!

@fixlair fixlair added the status/new New tickets label Aug 2, 2021
@srinathman

Same issue here, changing the request to GET fixes the issue. (Using Okta)
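
The behaviour reported in this issue, as an added example in Python (not part of the thread and not Centreon's code): a loopback mock IdP that rejects POST on /userinfo with 405, and a client that sends GET with the access token in the Authorization header, as the quoted spec text recommends. The token, claims and function names are constructed for illustration; the `sub` comparison against the ID Token is the check OpenID Connect requires on a UserInfo response.

```python
import json, threading, urllib.error, urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

TOKEN = "constructed-access-token"                    # constructed sample value
CLAIMS = {"sub": "user-123", "name": "Sample User"}   # constructed sample claims

class StrictIdP(BaseHTTPRequestHandler):
    """Loopback stand-in for an IdP whose /userinfo allows GET only."""
    def _reply(self, status, body, extra=()):
        data = json.dumps(body).encode()
        self.send_response(status)
        for name, value in (("Content-Type", "application/json"),
                            ("Content-Length", str(len(data))), *extra):
            self.send_header(name, value)
        self.end_headers()
        self.wfile.write(data)

    def do_GET(self):
        if self.headers.get("Authorization") != f"Bearer {TOKEN}":
            return self._reply(401, {"error": "invalid_token"})
        self._reply(200, CLAIMS)

    def do_POST(self):  # the case from the report: POST is rejected
        self.rfile.read(int(self.headers.get("Content-Length") or 0))
        self._reply(405, {"error": "method_not_allowed"}, [("Allow", "GET")])

    def log_message(self, *args):  # keep the demo quiet
        pass

def start_idp():
    server = HTTPServer(("127.0.0.1", 0), StrictIdP)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, f"http://127.0.0.1:{server.server_port}/userinfo"

def fetch_userinfo(url, access_token, id_token_sub, method="GET"):
    """Return (status, claims); the token travels only in the Authorization header."""
    req = urllib.request.Request(url, method=method,
                                 data=b"" if method == "POST" else None,
                                 headers={"Authorization": f"Bearer {access_token}"})
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    try:
        with opener.open(req, timeout=5) as resp:
            claims = json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, None
    if claims.get("sub") != id_token_sub:  # spec: sub must match the ID Token's sub
        raise ValueError("UserInfo sub does not match ID Token sub")
    return 200, claims
```

The mock listens on plain HTTP on the loopback interface only; a real UserInfo endpoint is reached over TLS.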
