AuthorizationCodeAuthenticationProcessingFilter -> favor query request matching #4576

jgrandja · 2017-09-26T16:19:03Z

The current RequestMatcher for AuthorizationCodeAuthenticationProcessingFilter uses path matching, for example: /oauth2/authorize/code/{clientAlias}

It might make more sense to use query parameter matching instead. This would potentially allow the user to reuse the redirect-uri for 2 or more ClientRegistration configured with the same clientId.

GitHub only supports setting 1 redirect-uri per client. With the current setup this poses an issue when configuring 2 or more GitHub ClientRegistration's with the same clientId

The text was updated successfully, but these errors were encountered:

Fixes spring-projectsgh-4576

jgrandja self-assigned this Sep 26, 2017

jgrandja added the in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) label Sep 26, 2017

jgrandja added this to the 5.0.0.M5 milestone Sep 26, 2017

jgrandja mentioned this issue Sep 26, 2017

Issues targeted for 5.0 #4495

Closed

28 tasks

jgrandja closed this as completed in 9a8ddeb Sep 28, 2017

thomasdarimont pushed a commit to thomasdarimont/spring-security that referenced this issue Apr 25, 2018

Use param matching for Authorization Response

0730610

Fixes spring-projectsgh-4576

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

AuthorizationCodeAuthenticationProcessingFilter -> favor query request matching #4576

AuthorizationCodeAuthenticationProcessingFilter -> favor query request matching #4576

jgrandja commented Sep 26, 2017 •

edited

Loading

AuthorizationCodeAuthenticationProcessingFilter -> favor query request matching #4576

AuthorizationCodeAuthenticationProcessingFilter -> favor query request matching #4576

Comments

jgrandja commented Sep 26, 2017 • edited Loading

jgrandja commented Sep 26, 2017 •

edited

Loading