Callback URI for Flows.Code with query parameters fails #414
Comments
Thanks. We will discuss that.
I've hit this same issue when configuring a WordPress site to use a plugin to link it to my identity server instance (the redirect URL needs to include ?action=...). The fix I was considering was in "AuthorizeRedirectResult.cs", line 51:
I've not tested this yet, but that should fix my specific issue.
It will (as in fixing the double ? in the URI will make it work with WordPress) - that was the problem I was trying to solve.
Just tested it using the MVC CodeFlowClient Manual test. Authorisation works, but then the 'Get Token' operation fails, and I haven't had a chance to dig into the code to find out why. It looks like allowing query strings in the redirect_uri could have a few knock-on effects, but I think it's definitely worth implementing.
It passed everything in Core.Tests and works with the ImplicitFlow JavaScript client; maybe there is some other issue.
Not at my machine right now, but my repo didn't seem to have that class in it (hence me using a slightly different fix). I'll have another look in a bit. Thanks :)
I was running an older version. I just updated and implemented your fix. I don't have any issues with CodeFlow or Implicit Clients getting tokens.
I actually used
Ah, that would explain it I guess. I'll use your (more correct looking) fix and see if I can reproduce the error I got with freshly cloned repos - I've probably hacked my CodeFlow client around a bit while playing with stuff :)
We made some changes to the URL handling in the dev branch - give it a try and let us know if this works for you.
Thanks for making those changes. I'm grabbing the dev branch now. Will let you know.
I've been struggling to plug the dev branch into my applications, so I've grabbed a fresh dev repo, and the client samples, but the "MVC CodeFlowClient" fails with an unexpected error. I'm trying to track down exactly where it's breaking. Do you have any tips on making the samples work against the latest code?
Yes, right now I can imagine many of the samples aren't working -- several interface and API changes on dev. Watch for checkins or check back in 2-3 days.
Ah, OK, thanks. I've tracked the exception down to HostDataProtector.Unprotect, called from AntiForgeryTokenValidator.GetCookieToken, but I'll leave it for now and keep an eye on the samples repo. Cheers.
A URL such as http://localhost/?callback becomes http://localhost/?callback?code=abcdefg.
Add a check into Thinktecture.IdentityServer.Core.Connect.Results.AuthorizeCodeResult (line 37).
Original:
Modified:
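The double `?` reported in this issue, shown as an added example that is not part of the thread or of the IdentityServer code base: a hypothetical helper, `AddQueryParameters`, that appends authorization response parameters to a redirect URI while keeping any query string it already carries. RFC 6749, section 3.1.2, requires an existing query component to be retained and forbids a fragment in the redirection endpoint.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Added example: RedirectUriExample and AddQueryParameters are hypothetical
// names, not types from Thinktecture.IdentityServer.
public static class RedirectUriExample
{
    public static string AddQueryParameters(
        string redirectUri, IEnumerable<KeyValuePair<string, string>> parameters)
    {
        // Only absolute URIs without a fragment are valid redirection endpoints.
        Uri parsed;
        if (!Uri.TryCreate(redirectUri, UriKind.Absolute, out parsed))
            throw new ArgumentException("redirect URI must be absolute", "redirectUri");
        if (redirectUri.IndexOf('#') >= 0)
            throw new ArgumentException("redirect URI must not contain a fragment", "redirectUri");

        // Percent-encode names and values so a value cannot smuggle in '&' or '#'.
        string encoded = string.Join("&", parameters.Select(p =>
            Uri.EscapeDataString(p.Key) + "=" + Uri.EscapeDataString(p.Value ?? "")));
        if (encoded.Length == 0)
            return redirectUri;

        // Choose the separator from what the URI already contains:
        //   no '?' yet          -> start the query with '?'
        //   ends in '?' or '&'  -> append directly
        //   existing query      -> continue it with '&'
        string separator;
        if (redirectUri.IndexOf('?') < 0)
            separator = "?";
        else if (redirectUri.EndsWith("?", StringComparison.Ordinal) ||
                 redirectUri.EndsWith("&", StringComparison.Ordinal))
            separator = "";
        else
            separator = "&";

        return redirectUri + separator + encoded;
    }

    public static void Main()
    {
        var code = new[] { new KeyValuePair<string, string>("code", "abcdefg") };
        // Constructed inputs: the URI from the report plus two other shapes.
        foreach (var uri in new[] { "http://localhost/?callback", "http://localhost/cb", "http://localhost/cb?" })
            Console.WriteLine(AddQueryParameters(uri, code));
    }
}
```

The helper appends to the redirect URI string as given rather than rebuilding it, so the part the client registered is passed through byte for byte and a client comparing it against its own configured value still sees the same string.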