[FINERACT-1144] OAuth broken (or is it?) - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Invalid
Affects Version/s: None
Fix Version/s: None
Component/s: Security
Labels:
None

Description

Reading avikganguly010 comment in ~~FINERACT-629~~ that "the spring oauth changes we did broke Oauth", and a number of (failed, uncompleted, abandoned) PRs by saransh related to ~~FINERACT-1012~~ and ~~FINERACT-1057~~ gives me the impression that Fineract's OAuth support feature may actually currently be broken.

Let's use this issue for someone to investigate and propose a PR to fix Fineract's OAuth support. I see this as a separate issue from ~~FINERACT-1012~~. It would be "fair game", IMHO, to propose to just e.g. revert whatever is known to have broken it (if someone knows what that is - I personally do not) - and then deal separate and later with respective 3rd party upgrades, or whatever.

If it's not broken and works on develop (and thus 1.4.0) as-is, then this issue should be closed.

Attachments

Issue Links

Blocked

FINERACT-1305 Release Apache Fineract v1.5.0

Resolved

is required by

FINERACT-1142 Recommend OAuth security for production installations

Open

FINERACT-1033 Fineract OAuth Token Change Bug

Open

FINERACT-1012 Spring Security OAuth 2.x to Spring Security 5.2.x

Resolved

FINERACT-1057 Running -Psecurity=oauth leads to memory leak issue

Closed

FINERACT-1143 Add Test Coverage for OAuth Support

Resolved

requires

FINERACT-1145 OAuth Support documentation is missing

Resolved

(1 is required by, 1 requires)

Activity

People

Assignee:: Michael Vorburger

Reporter:: Michael Vorburger

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 10/Sep/20 19:55

Updated:: 21/May/21 12:52

Resolved:: 21/May/21 12:52