Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Validate provided redirect URI

Download Browse

Part of story #14570 Authorization grant confirmation page How to test: - Go to a project's administration - Create an OAuth2 app with a redirect endpoint, for example "https://tuleap.example.com/redirect" - query its ID in the database - go to https://tuleap.example.com/oauth2_server/authorize?client_id=tlp-client-id-<app_id>&redirect_uri=https%3A%2F%2Ftuleap.example.com%2Fredirect The authorization form should display. Omitting or modifying the redirect_uri parameter should be forbidden. Change-Id: I81a1ec988cc4434afeff5b5259800c8e5e80c72a

+53 −9
Joris MASSON (jmasson) 2020-02-25 10:11
Joris MASSON (jmasson) 2020-02-25 10:16
efe386ffc7f3a737849ced62dc9367d61dc1b0c7
6727545adaf19496c9ed0249ad4125227929cfcd
git #tuleap/stable/efe386ffc7f3a737849ced62dc9367d61dc1b0c7

Modified Files

Side by side diff
Inline diff
Name
M plugins/oauth2_server/include/AuthorizationServer/AuthorizationEndpointGetController.php +8 −0 Go to diff View file
M plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationEndpointGetControllerTest.php +45 −9 Go to diff View file