You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I call Meteor.logInWithOidc(options,callback) with my redirectUrl='http://myapplication' (as is implemented)
My browser is redirected to the Oidc Identity Provider for user authorization with redirectUrl='https://meteorserver/_oauth/oidc' (as is implemented)
Meteor makes an out-of-band request to the Identity Provider to exchange the authorization code for oidc tokens (as is implemented)
After Meteor processes the received tokens my browser is redirected to the Url I initially provided, i.e. http://myapplication. This does not work.
Step 4 is what should be configurable. The redirectUrl can of course not be provided by the client, as this would allow arbitray (malicious) clients to authenticate via Meteor but it should be available as a service configuration parameter.
Could you please help me out here? Looking forward to your feedback.
The text was updated successfully, but these errors were encountered:
When supplying a custom redirectUrl to Meteor.logInWithOidc(options,callback), i.e.
the redirectUrl is ignored.
The behavior I would expect to see is:
Step 4 is what should be configurable. The redirectUrl can of course not be provided by the client, as this would allow arbitray (malicious) clients to authenticate via Meteor but it should be available as a service configuration parameter.
Could you please help me out here? Looking forward to your feedback.
The text was updated successfully, but these errors were encountered: