Closed valb3r closed 3 years ago
@valb3r All reported parameters in Profile are used to test OAuth and Redirect SCA approaches simultaneously at XS2A-Sandbox https://github.com/adorsys/XS2A-Sandbox
It cann't be used the same way in Production.
Parameter "scaRedirectFlow" in the ASPSP-Profile defines variant of the SCA approach=REDIRECT:
Fow scaRedirectFlow=OAUTH link in response is wrong and will be fixed soon.
@ViraHavrylenko
All reported parameters in Profile are used to test OAuth and Redirect SCA approaches simultaneously at XS2A-Sandbox
That's exactly the case - I need to have OAuth2-integrated (OAUTH) working with Sandbox and now it can only be achieved with X-OAUTH-PREFERRED
header and not with ASPSP configuration. OAUTH_PRESTEP
works seeming because it is the default.
Fow scaRedirectFlow=OAUTH link in response is wrong and will be fixed soon.
:+1:
Fixed in v.8.0 (Sandbox is updated in v.4.5)
Field in question
scaRedirectFlow=OAUTH
Does not seem to function properlyPlace where bug appeared
Current behavior
When using the following ASPSP profile
and calling
POST /v1/consents
of xs2a,scaOAuth
URL is wrong - it ishttp://localhost:20015/oauth/authorization-server
Expected behavior
When and calling
POST /v1/consents
of xs2a,scaOAuth
URL should be like -http://localhost:20015/oauth/authorization-server?consentId=Js7WlzPxLwcAH-zLnlcEgSWEJxhZpUfEmhTXGHENk_pyT7hcwKMcr-oyrvEPRiMyfVD9C7aDmHXy2Bg8xOSursz9MpaJIQIH3NJX8IHgetw=_=_psGLvQpt9Q&redirectId=d64994fb-50df-42cc-a847-b42042276f94
Steps to reproduce
Enable ASPSP profile to use OAUTH Ensure OAUTH is in supported SCA
Note, that when using
X-OAUTH-PREFERRED
header scaOAuth is correctSCA approach
XS2A version(s):
Log files or other additional info
Feel free to provide more info about your problem
According to https://github.com/adorsys/xs2a/blob/58cba89ad0735f436dc46e8a9b11da9d5cf7ac3d/doc/XS2A.%20Details%20of%20realisation/Strong%20customer%20authentication.adoc#support-pre-step-and-integrated-oauth-modes This is valid setup