Haufe-Lexware / wicked.haufe.io

An API Management system based on Mashape Kong
http://wicked.haufe.io

Updating redirect URIs of OAuth2 applications leads to invalidation of access and refresh tokens #180

Open DonMartin76 opened 5 years ago

DonMartin76 commented 5 years ago

Due to the way the Kong Adapter deals with the synchronization of clients/applications with Kong, the changing of the redirect URI of a wicked application leads to the deletion and re-creation of the oauth2 plugin of the corresponding Kong consumer. This in turn invalidates the records in the oauth2_tokens table of Kong, which are linked to the application via the oauth2 plugin ID ("credentials id").

There is by now a warning message in the wicked UI which warns about this behavior, but it would be better if the plugin records were patched instead of deleted and recreated. This can be tricky though as the Kong Adapter must also detect dropped properties, which is implicit with the previous approach.

The place in the code has been marked with the link to this issue.
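The token-invalidation effect described above, and the patch-based alternative the issue proposes, as an added in-memory illustration (not wicked's or Kong's own code). Field names such as `redirect_uris`, `client_id` and `name` follow Kong's oauth2 plugin; the store layout, token shape and IDs are assumptions constructed for this example.

```javascript
// Constructed model: a Kong consumer's oauth2 credential plus the tokens that
// reference it through credential_id (as in Kong's oauth2_tokens table).
let nextId = 1;
const newId = () => `cred-${nextId++}`;   // assumed id format, not Kong's

function makeStore(cred) {
  const id = newId();
  return {
    credentials: { [id]: { id, ...cred } },
    tokens: [{ access_token: 'tok-1', credential_id: id }],   // constructed token
  };
}

// Tokens that are still usable: their credential_id resolves to a live credential.
function liveTokens(store) {
  return store.tokens.filter(t => store.credentials[t.credential_id]);
}

// Current behaviour: drop the credential and create it again. The new
// credential gets a new id, so every existing token is orphaned.
function syncByRecreate(store, desired) {
  for (const id of Object.keys(store.credentials)) delete store.credentials[id];
  const id = newId();
  store.credentials[id] = { id, ...desired };
  return id;
}

// Proposed behaviour: diff the existing credential against the desired one and
// apply only the changed properties. A property present before but missing
// from `desired` is reported as null, so dropped properties are still
// detected; the credential id, and therefore its tokens, survive.
function syncByPatch(store, desired) {
  const current = Object.values(store.credentials)[0];
  const patch = {};
  for (const key of new Set([...Object.keys(current), ...Object.keys(desired)])) {
    if (key === 'id') continue;                       // never part of the diff
    const before = JSON.stringify(current[key]);
    const after = key in desired ? JSON.stringify(desired[key]) : 'null';
    if (before !== after) patch[key] = key in desired ? desired[key] : null;
  }
  Object.assign(current, patch);
  for (const k of Object.keys(patch)) if (patch[k] === null) delete current[k];
  return patch;   // the body one would send as a PATCH instead of delete+create
}
```

Running `syncByPatch` with a changed redirect URI leaves the token list intact, while `syncByRecreate` leaves no token pointing at a live credential.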