Having a client with several possible uris, this line can throw the exception "Error from RemoteAuthentication: The oauth state was missing or invalid." (in case of MicrosoftAccountHandler and the first uri tested is not the right one), when it should just assign false to the result variable

IdentityServer / IdentityServer4

OpenID Connect and OAuth 2.0 Framework for ASP.NET Core

https://identityserver.io

Apache License 2.0

9.23k stars 4.01k forks source link

Having a client with several possible uris, this line can throw the exception "Error from RemoteAuthentication: The oauth state was missing or invalid." (in case of MicrosoftAccountHandler and the first uri tested is not the right one), when it should just assign false to the result variable #5363

Closed gerardhulshoff closed 2 years ago

gerardhulshoff commented 2 years ago

https://github.com/IdentityServer/IdentityServer4/blob/8b027820d9b8c20adcd8d6b495444d08cced45ca/src/IdentityServer4/src/Hosting/FederatedSignOut/AuthenticationRequestHandlerWrapper.cs#L38

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Questions are community supported only and the authors/maintainers may or may not have time to reply. If you or your company would like commercial support, please see here for more information.

github-actions[bot] commented 2 years ago

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.