[CXF-8370] org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService#startAuthorization(javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String>) shouldn't require an user - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 3.4.1
Fix Version/s: 3.4.2
Component/s: None
Labels:
None

Estimated Complexity:
Unknown

Description

Currently starting an authorization_code flow requires an UserContext because of org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService#getAndValidateSecurityContext but if it is required then you can never login (until you use 2 auth methods).

Attachments

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Romain Manni-Bucau

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 10/Nov/20 19:36

Updated:: 04/Jan/21 09:46

Resolved:: 17/Nov/20 11:31