Bug Report: Oauth2 Redirect Url malformed
See original GitHub issueI have an a Durable Task Azure function I created in vs2022, using Microsoft.Azure.WebJobs.Extensions.OpenApi v1.3.0 I configured OpenAPI to use OpenApiVersionType.V3. When I try to Authorize the swagger client, I get the prompt asking for the Client Id and Scope I requested, I provide those, it routes me to Microsoft, but the redirectUrl provided to microsoft is wrong:
redirect_uri=http%3A%2F%2Flocalhost%3A5800https%3A%2F%2Flocalhost%3A5800%2Fapi%2Foauth2-redirect.html
It appears to be combining 2 full absolute urls:
http://localhost:5800 + https://localhost:5800/api/oauth2-redirect.html
Why does it do this? Is there some configuration option to fix this, or override this behavior?
My function is decorated with this attribute:
[OpenApiSecurity("function_key", SecuritySchemeType.OAuth2, Flows = typeof(AzureFunctionOauthSecurityFlows),In = OpenApiSecurityLocationType.Header)]
public class AzureFunctionOauthSecurityFlows : OpenApiOAuthFlows
{
public AzureFunctionOauthSecurityFlows()
{
var scopesDictionary = new Dictionary<string, string>();
scopesDictionary.Add("scope here", "");
Implicit = new OpenApiOAuthFlow()
{
AuthorizationUrl = new Uri("https://login.microsoftonline.com/ID_HERE/oauth2/v2.0/authorize"),
TokenUrl = new Uri("https://login.microsoftonline.com/ID_HERE/oauth2/v2.0/token"),
Scopes = scopesDictionary
};
}
}
Issue Analytics
- State:
- Created a year ago
- Comments:9 (1 by maintainers)
Top GitHub Comments
Does anyone know when 1.4.0 will be released? I had to go back to the earlier stable version. Is it possible to reference 1.4.0 without it being released first?
it seems also already fixed https://github.com/Azure/azure-functions-openapi-extension/pull/385 but the 1.4.0 is not yet released