Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

authorize is possibile only by GET and not by POST #424

Closed
gianpaolo-tndigit opened this issue Sep 15, 2023 · 1 comment
Closed

authorize is possibile only by GET and not by POST #424

gianpaolo-tndigit opened this issue Sep 15, 2023 · 1 comment
Labels
enhancement oidc

Comments

@gianpaolo-tndigit
Copy link
Collaborator

as specific OIDC https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint authorization endpoint MUST support the use of the HTTP GET and POST methods.

But if you try a POST request AAC responds with a 404:

{
"timestamp": 1694761098342,
"status": 404,
"error": "Not Found",
"message": "No message available",
"path": "/oauth/authorize"
}
@matteo-s matteo-s added enhancement and removed bug labels Sep 19, 2023
gianpaolo-tndigit added a commit that referenced this issue Sep 21, 2023
@gianpaolo-tndigit
fix #360 #424: disable CSRF for /endsession and /oauth/authorize
dceee3f
matteo-s pushed a commit that referenced this issue Nov 3, 2023
@gianpaolo-tndigit @matteo-s
fix #360 #424: disable CSRF for /endsession and /oauth/authorize
7659931
@gianpaolo-tndigit
Copy link
Collaborator Author

close with #425

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement oidc
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@matteo-s @gianpaolo-tndigit