-
### What happened?
When using custom application scopes, renewing an access token using a refresh token is failing with an error log similar to:
```
2024-10-25 09:23:50.072 logger=oauth_token.sync us…
Fresa updated
3 weeks ago
-
### Microsoft.Identity.Web Library
Microsoft.Identity.Web
### Microsoft.Identity.Web version
3.2.2
### Web app
Sign-in users and call web APIs
### Web API
Protected web APIs call downstream web…
-
**Describe the bug**
Both the `SpringOpaqueTokenIntrospector` and `NimbusOpaqueTokenIntrospector` use the `clientId` and `clientSecret` to authenticate the calls to the authorization server.
This …
-
Hi,
In our setup the servers don't have any outside internet access. However, we run `squid` outside, connecting to the VPN and creating a proxy over ssh. Basically, we can download updates etc. wi…
-
**Describe the bug**
The OAuthgrant filter requires a tokeninfo URL which is only called by a GET [request.](https://github.com/zalando/skipper/blob/master/filters/auth/authclient.go#L111) However so…
-
WARNING: Config File: C:\Users\itadmin.NFAP\.gam\gam.cfg, Section: DEFAULT, Item: oauth2_txt, Value: C:\Users\itadmin.NFAP\.gam\oauth2.txt, Not Found
ERROR: No Client Access allowed
I have been …
-
```
OAUTH2_CLIENT_ID_REGEXP seems to be too restrictive (e.g. it won't accept
simple numeric client ids from 0 to 99), and cannot be changed without patching
OAuth2.inc.
Could this be a configurati…
-
```
OAUTH2_CLIENT_ID_REGEXP seems to be too restrictive (e.g. it won't accept
simple numeric client ids from 0 to 99), and cannot be changed without patching
OAuth2.inc.
Could this be a configurati…
-
### Description
I set up **nginx** proxy according to the [document](https://docs.gitea.com/administration/reverse-proxies#nginx-with-a-sub-path), and set the `[server] ROOT_URL = https://xxxx.com/…
-
Vulnerable Library - spring-boot-starter-oauth2-client-3.1.5.jar
Path to dependency file: /pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-s…