xwikisas / integration-azure-oauth

Microsoft Azure Active Directory Single Sign-On (SSO)
GNU Lesser General Public License v2.1

Setting the scope of the ConfigurableClass of the AzureADConfig page to 'wiki level' breaks authentication on XWiki 13.7+ #14

Closed lucaa closed 1 year ago

lucaa commented 2 years ago

Steps to reproduce (on XWiki 13.7+):

Expected result:

Actual result:


lucaa commented 2 years ago

The cause of this issue is https://github.com/xwikisas/identity-oauth/issues/11.

This doesn't reproduce on XWiki before 13.7 because the configurable class didn't have a scope property before this version; it was added in https://jira.xwiki.org/browse/XWIKI-18723.

lucaa commented 2 years ago

Note that for 'normal' usage of this application the scope property of the ConfigurableClass doesn't need to be set. However, since this application relies on a deprecated property (configureGlobally) to show the configuration section in the administration, in some situations that property can be unset and thus, in order to get the Azure AD configurable properly, the scope needs to be set manually. This was my case above: I exported the config page from one wiki and tried to import it in another wiki, and it appears that the configureGlobally property got lost upon this transfer, which is normal if the property is deprecated.

However, even for the cases when the application is used out of the box on 14.4, the scope property of the ConfigurableClass still overwrites the scope of the AzureADConfigClass, resetting it to empty. There may be some side-effects of this reset to empty, as AFAIU the scopes asked from Azure will default to the minimal ones https://github.com/xwikisas/integration-azure-oauth/blob/master/api/src/main/java/com/xwiki/azureoauth/AzureADIdentityOAuthProvider.java#L121 instead of actually sending the ones from the AzureADConfig...

oanalavinia commented 1 year ago

This was fixed by upgrading the identity-oauth dependency in https://github.com/xwikisas/integration-azure-oauth/commit/b2dd72e76c7e2cb5264464c359ceff2a88d1d1e7, which contains a fix for https://github.com/xwikisas/identity-oauth/issues/11