Open copyliu opened 4 years ago
It seems this is not a bug in SSO; it's something wrong with the /account/logon endpoint.
It seems someone hardcoded a URL check for &device_id= into the /account/logon endpoint, because you can finish the SSO flow with /oauth/authorize?&device_id=foo
Bug
Reproduction Steps
Clear browser cookies, then open https://login.evepc.163.com/v2/oauth/authorize?device_id=a&response_type=token&state=r1&client_id=bc90aa496a404724a93f41b4f4e97761&scope=&redirect_uri=https%3A%2F%2Fesi.evepc.163.com%2Fui%2Foauth2-redirect.html
Actual Behaviour
Redirected to the error page.
Expected Behaviour
It can finish the SSO flow as well.
PS: If you place device_id in the 2nd or later position, it can finish the SSO flow just like ESI Swagger UI.
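
The behaviour reported above is consistent with a check for the literal text `&device_id=` in the request URL. The sketch below puts that hypothesized check next to a parsed-query check; it is an added example, not part of the original issue and not the server's actual code, and the function names and the `login.example.invalid` host are assumptions.

```python
from urllib.parse import urlsplit, parse_qs


def has_device_id_substring(url: str) -> bool:
    """Hypothesized check: search the raw URL for the literal '&device_id='.

    This only matches when device_id is preceded by '&', so it misses the
    parameter when it comes directly after '?'.
    """
    return "&device_id=" in url


def has_device_id_parsed(url: str) -> bool:
    """Order-independent check: parse the query string, then look up the key."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return "device_id" in query


# Constructed sample URLs modelled on the cases in the report
# (placeholder host, shortened parameter list).
BASE = "https://login.example.invalid/v2/oauth/authorize"
SAMPLES = {
    # device_id first, as in the reproduction steps
    "first": BASE + "?device_id=a&response_type=token&state=r1",
    # device_id in the 2nd or later position
    "later": BASE + "?response_type=token&device_id=a&state=r1",
    # the '?&device_id=foo' form mentioned in the report
    "leading_amp": BASE + "?&device_id=foo&response_type=token",
    # no device_id at all
    "missing": BASE + "?response_type=token&state=r1",
}


def compare(samples=SAMPLES):
    """Return {case: (substring_result, parsed_result)} for each sample URL."""
    return {
        name: (has_device_id_substring(url), has_device_id_parsed(url))
        for name, url in samples.items()
    }


if __name__ == "__main__":
    for name, (substring_ok, parsed_ok) in compare().items():
        print(f"{name:12} substring={substring_ok!s:5} parsed={parsed_ok}")
```

Only the `first` case differs between the two checks, which matches the report: the flow fails when `device_id` is the first parameter and succeeds in the other positions.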