Closed kristianvld closed 2 years ago
Will take a look. If a regression, it is related to:
Thanks for all of the great debug and context @kristianvld !!
If I set PKCE to Required in both 1.33.0 and 1.34.0 I get the error:
{ "message" : "OAuth return is missing the authorization code and/or the SAML encoded state." }
Yes, that is what we were fixing in 1.34.0, there were a few use cases where we were not sending in PKCE when calling back to ourselves in sub oauth flows such as this.
We'll have a patch out shortly, thanks for bringing it to our attention.
Thank you guys for your swift action and handling of the problem. Very much appreciated 👍
SAML login broken for some applications with update 1.34.0 when PKCE is set to Not Required.
Description
After updating to 1.34.0 docker image (fusionauth/fusionauth-app:1.34.0), applications using SAML can no longer log in. Downgrading back down to fusionauth/fusionauth-app:1.33.0 fixes the issue.
Affects versions
Steps to reproduce
Steps to reproduce the behavior:
Expected behavior
Expected to be able to log in normally.
Platform
(Please complete the following information)
Community guidelines
All issues filed in this repository must abide by the FusionAuth community guidelines.
Additional context
If I set PKCE to Required in both 1.33.0 and 1.34.0 I get the error:
If I set it to Not Required in 1.33.0 everything works as expected. If I set it to Not Required in 1.34.0 I get the following console error: