[OLTU-182] Colons in client secrets are not supported - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: oauth2-1.0.0
Fix Version/s: oauth2-1.0.2
Component/s: oauth2-common
Labels:
None

Description

Let me know if I'm misunderstanding, but it seems like the basic auth spec allows colons in the password: https://tools.ietf.org/html/rfc2617#section-2

OAuthUtils.decodeClientAuthentication just splits on a colon, thus failing if colons are used in the password.

Attachments

Activity

People

Assignee:: Jasha Joachimsthal

Reporter:: Adam Campbell

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 09/Oct/15 18:16

Updated:: 02/Mar/16 13:27

Resolved:: 22/Feb/16 21:22