Closed mrblur closed 5 months ago
@mrblur Thanks for the report, and yes it was not expected to be overwritten...
Can you check if #1990 fixes the issue you mentioned? re-read your issue, and now I see it will not fix it yet.
Message to comment on stale issues. If none provided, will not mark issues stale
Actual Behavior
What is the actual behavior? Our custom firewall
failure_handler
gets replaced. This makes it impossible to have any control over SSO behavior, like custom return domains.We need to control the domain part of the redirect URL (multi tenant react app). How can I do that if the configured
failure_handler
gets ignored?Expected Behavior
What is the behavior you expect? When configured, the preferred failure handler should be used.
Steps to Reproduce
Configure
failure_handler
on firewall config, call login-check endpoint with empty code= parameter, observe custom handler being ignored and hwi_oauth.authentication.failure_handler being used.For the time being, I had to overwrite hwi_oauth.authentication.failure_handler service with our own implementation, but this is neither documented, or supported for multiple firewalls.