While this is made mandatory by the specification it is unlikely to happen in real life. Tuleap marks all its cookies with the SameSite=Lax attribute so the authentication cookie will not be sent cross-origin, resulting in a weird experience for the user.

To test, you can create a page looking like this (add PKCE parameters if needed):

```html
<html>
  <body>
    <form action="/oauth2/authorize" method="post">
      <input type="hidden" name="response_type" value="code">
      <input type="hidden" name="client_id" value="<client_id>">
      <input type="hidden" name="redirect_uri" value="<redirect_uri>">
      <input type="hidden" name="scope" value="openid">
      <input type="submit">
    </form>
  </body>
</html>
```

Part of story #14714: be an OpenID Connect provider

[0] https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint

Change-Id: I1953767c569b4fb50ed3c5fdb4e35e8a1052e905

Modified Files
Status | Name | Added | Removed
---|---|---|---
M | plugins/oauth2_server/include/AuthorizationServer/AuthorizationCodeResponseFactory.php | +1 | −1
R | plugins/oauth2_server/include/AuthorizationServer/AuthorizationEndpointGetController.php | |
R | plugins/oauth2_server/include/AuthorizationServer/AuthorizationEndpointPostController.php | |
M | plugins/oauth2_server/include/AuthorizationServer/AuthorizationFormPresenterBuilder.php | +1 | −1
M | plugins/oauth2_server/include/AuthorizationServer/RedirectURIBuilder.php | +6 | −6
M | plugins/oauth2_server/include/oauth2_serverPlugin.php | +11 | −10
M | plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationCodeResponseFactoryTest.php | +2 | −2
R | plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationEndpointGetControllerTest.php | |
R | plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationEndpointPostControllerTest.php | |
M | plugins/oauth2_server/templates/authorization-form.mustache | +1 | −1