Closed lucaa closed 1 year ago
The cause of this issue is https://github.com/xwikisas/identity-oauth/issues/11 .
This doesn't reproduce on XWiki before 13.7 because the configurable class didn't have a scope
property before this version , it was added in https://jira.xwiki.org/browse/XWIKI-18723 .
Note that for 'normal' usage of this application the scope
property of the ConfigurableClass doesn't need to be set.
However, since the this application relies on a deprecated property (configureGlobally
) to show the configuration section in the administration, in some situations that property can be unset and thus, in order to get the Azure AD configurable properly, the scope
needs to be set manually. This was my case above, I exported the config page from one wiki and tried to import it in another wiki and it appears like the configureGlobally
property got lost upon this transfer, which is normal if the property is deprecated.
However, even for the cases when the application is used out of the box on 14.4, the scope
property of the ConfigurableClass still overwrites the scope
of the AzureADConfigClass, resetting it to empty. There may be some side-effects of this reset to empty, as AFAIU the scopes asked from azure will default to the minimal ones https://github.com/xwikisas/integration-azure-oauth/blob/master/api/src/main/java/com/xwiki/azureoauth/AzureADIdentityOAuthProvider.java#L121 instead of actually sending the ones from the AzureADConfig....
This was fixed by upgrading the identity-oauth dependency in https://github.com/xwikisas/integration-azure-oauth/commit/b2dd72e76c7e2cb5264464c359ceff2a88d1d1e7 , which contains a fix for https://github.com/xwikisas/identity-oauth/issues/11
Steps to reproduce (on XWiki 13.7+):
Expected result:
Actual result: