Closed lukearran closed 3 years ago
Hi @lukearran, Thank you for the detailed report. Internal ticket id #BAP-20044.
Hi there,
Is there any updates in regards to this issue? Has it been resolved in a recent update?
Kindest Regards
Luke
This problem should have been fixed in the scope of another issue - BAP-19968 You may look for BAP-19968 to see the related commits - https://github.com/search?q=org%3Aoroinc+BAP-19968&type=commits
Summary
The OAuth Authentication via 'oauth2-token' end-point is broken when "Guest Mode" is disabled. POST request to this end-point will return the HTML representation of the 'Customer Login' page.
Steps to reproduce
Actual Result
The HTTP request will return a HTML document representation of a customer login page. Attempting to sign in will return a 'Invalid CSRF token' error.
Expected Result
The end-point should return a JSON representation of the following object containing the Access Token.
Details about your environment