Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
OIDC with REST-endpoint using "code" query-parameter fails
See original GitHub issueDescribe the bug My service uses OIDC (type=web-app) and has a REST-API /hello?code=abc. The Query-Parameter code conflicts with the OIDC authorization code flow.
DEBUG [io.qua.oid.run.CodeAuthenticationMechanism] (vert.x-eventloop-thread-13) The state cookie is missing after a redirect from IDP
Expected behavior I can use any query-parameter name in my REST API without conflicting with OIDC extension.
Actual behavior The REST API returns wrong response status code.
To Reproduce Follow the steps in the README.md of https://github.com/haraldatbmw/oidc-code-query-parameter
Environment (please complete the following information):
- Quarkus version or git rev: 1.8.3.Final
Issue Analytics
- State:
- Created 3 years ago
- Comments:13 (13 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
@haraldatbmw No problems 😃, the PR should not only allow the custom code/state on the first or re-auth requests, but also let users select the way they want to handle the case where a state cookie is missing, so it is not in vain 😃, and I’d definitely would not consider that enhancement without you opening this issue 😃
@haraldatbmw sorry, have to close this issue - in some cases we just can’t avoid the ambiguity with the code query parameter, we’ve had a long discussion with @pedroigor about it.