jjg-123
commented
3 months ago Brian Bockelman observed this in https://github.com/ncsa/oa4mp/issues/181.
Closed jjg-123 closed 1 month ago
jjg-123
commented
3 months ago Brian Bockelman observed this in https://github.com/ncsa/oa4mp/issues/181.
Using Tomcat as the auth server is broken for both device flow and standard auth code flow. Mostly this has need been tested in some time and got left behind by evolution. In particular, there is also no consent screen for device flow if the user already has logged in.
Also, device flow should run the handlers at the appropriate time in this case and it is not.