Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

UAA client create/update should accept wildcard in redirect_uri port

See original GitHub issue

uaac --debug client add test_client -i
New client secret:  ****
Verify new client secret:  ****
scope (list):  cloud_controller.read
authorized grant types (list):  authorization_code
authorities (list):
access token validity (seconds):
refresh token validity (seconds):
redirect uri (list):  http://localhost:*/test/path
autoapprove (list):
signup redirect url (url):

error response:
{
  "error": "invalid_client",
  "error_description": "One of the redirect_uri is invalid: http://localhost:*/test/path"
}

Similar redirect URI patterns worked earlier but redirection with the saved clients also fail now. This hampers local development quite a lot because only a specified port can be used in the redirect URL definition

Issue Analytics

State:
Created 6 years ago
Reactions:1
Comments:8 (6 by maintainers)

Top GitHub Comments

1reaction

sreetummidicommented, Sep 28, 2017

@fhanik @jhamon @tnwang I had a discussion with the GE team yesterday. I have asked them to make the following changes in the PR.

Introduce the concept of whitelisting allowed redirect uri protocols at the zone level The default is HTTP and HTTPS
When clients are created which need redirect uri, we will validate against the zone whitelist of allowed protocols

Apart from this, this PR also contains allowing regex pattern for redirect port. I have asked them to keep these code changes intact within the PR

Thanks, Sree

0reactions

tnwangcommented, Apr 11, 2018

Hi @6palace, could you let us know what use case the ports apply to? Is this something around how mobile applications utilize ports for redirect URIs?

We take PRs 😃