Removing conflicting parameters where auth_method != clientpostsecret in the OIDC flow.

ibm-cloud-security / app-identity-and-access-adapter

App Identity and Access Adapter for Istio Mixer

Apache License 2.0

78 stars 31 forks source link

Removing conflicting parameters where auth_method != clientpostsecret in the OIDC flow. #37

Closed z0r0 closed 4 years ago

z0r0 commented 4 years ago

Removing client_id from the body of requests where auth_method != clientpostsecret.

When the auth method == clientpostbasic, client_id should not be passed as an argument within the post body. Some identity providers are unable to process requests where multiple client_id's are specified. In this configuration, any requests that are not clientpostsecret would also recieve the client_id parameter passed into the request body. This condition is already passed in line 137.

z0r0 commented 4 years ago

Looks like there's problems with the testing CI, anyone care to take a look and help where possible?

ishangulhane commented 4 years ago

@z0r0 We are merging this as a part of #39

TalAviel commented 4 years ago

Thanks @z0r0 for opening this PR! We've merged these changes to our development branch as @ishangulhane mentioned. It will be available in our next version of the adapter.