erlef / oidcc

OpenId Connect client library in Erlang & Elixir
https://hexdocs.pm/oidcc
Apache License 2.0

fix: partially revert "Don't send the same parameters in query string and JWT for redirect URL (#360)" #375

Closed paulswartz closed 2 months ago

paulswartz commented 2 months ago

This partially reverts commit 3b0b5221a0c88ad733a3ffc769b5acada70c2afd.

This commit started to fail the OIDC conformance suite: https://gitlab.com/paulswartz/ueberauth_oidcc_certification/-/pipelines/1391557144

In particular, the error is:

Required http request parameters and request object claims must match

Required parameter 'response_type' was not found in http request parameters
Required parameter 'client_id' was not found in http request parameters

redirect_url does not appear to be required, so we continue to leave that out.
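
The rule behind the conformance failure above, as an added example that is not part of this PR or of oidcc: OpenID Connect Core 1.0, section 6.1 requires `response_type` and `client_id` in the query string even when a request object carries them, and the values must match. The module name, endpoint and client are hypothetical, the token is a constructed unsigned placeholder, and the `JSON` module assumes Elixir 1.18 or later.

```elixir
defmodule RequestObjectCheck do
  # Added example, not oidcc code. Requires Elixir 1.18+ for the JSON module.

  # OAuth 2.0 parameters that must stay in the query string even when a
  # request object carries them (OpenID Connect Core 1.0, section 6.1).
  @required ~w(response_type client_id)

  # Returns :ok, or {:error, reasons} listing every mismatch found.
  def check(authorization_url) do
    query = URI.decode_query(URI.parse(authorization_url).query || "")

    with {:ok, claims} <- unverified_claims(query["request"]) do
      reasons =
        Enum.flat_map(@required, fn name ->
          case {query[name], claims[name]} do
            {nil, _} -> ["#{name} missing from query string"]
            {_, nil} -> []
            {same, same} -> []
            {q, c} -> ["#{name} differs: query=#{inspect(q)} request object=#{inspect(c)}"]
          end
        end)

      if reasons == [], do: :ok, else: {:error, reasons}
    end
  end

  # Reads the claims of a compact JWS without verifying it; only for comparison.
  defp unverified_claims(nil), do: {:error, ["no request parameter in query string"]}

  defp unverified_claims(jwt) do
    with [_header, payload, _signature] <- String.split(jwt, "."),
         {:ok, json} <- Base.url_decode64(payload, padding: false),
         {:ok, %{} = claims} <- JSON.decode(json) do
      {:ok, claims}
    else
      _ -> {:error, ["request parameter is not a compact JWS (it may be encrypted)"]}
    end
  end
end

# Constructed sample data: unsigned placeholder token, hypothetical endpoint and client.
claims = ~s({"response_type":"code","client_id":"example-client","scope":"openid"})
jwt = Enum.map_join([~s({"alg":"none"}), claims, "sig"], ".", &Base.url_encode64(&1, padding: false))
base = "https://op.example/authorize?request=" <> jwt

IO.inspect(RequestObjectCheck.check(base))
IO.inspect(RequestObjectCheck.check(base <> "&response_type=code&client_id=example-client"))
```

The first call models a URL with the two parameters stripped from the query string and reports both as missing; the second models the URL shape this PR restores.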

paulswartz commented 2 months ago

@Stratus3D it would be great if you could test this PR against your Okta setup, as you were the original reporter.

Stratus3D commented 2 months ago

@paulswartz yes I will test this now.

Stratus3D commented 2 months ago

I just tested my Elixir app with this:

{:oidcc, git: "git@github.com:paulswartz/oidcc.git", tag: "ps-request-object-params", override: true},

And it seems fine. I'm able to log in and out no problem. Not sure why I determined all response_type and client_id needed to be removed.