search

DuendeSoftware / Support

Support for Duende Software products
21 stars 0 forks source link

Infinite loop when max_age=0 #1227

Closed pecanw closed 6 months ago

pecanw commented 6 months ago

Versions used

Describe the bug

When the authorize endpoint is called with max_age=0 parameter it is copied to the callback returnUrl. So after successful login the user is redirected to the login page again (with the max_age parameter again in the returnUrl).

To Reproduce

Call authorize endpoint with max_age=0

Expected behavior

User logs-in and max age is not checked on callback.

Proposed solution - see the pull request

RolandGuijt commented 6 months ago

This is a duplicate of #1229. Closing this one so please track #1229 going forward.