The authorization endpoint must support being called with an HTTP POST request [0]

While this is made mandatory by the specification, it is unlikely to
happen in real life. Tuleap marks all its cookies with the SameSite=Lax
attribute so the authentication cookie will not be sent cross-origin,
resulting in a weird experience for the user.

To test you can create a page looking like this (add PKCE parameters
if needed):

    <html>
      <body>
        <form action="/oauth2/authorize" method="post">
          <input type="hidden" name="response_type" value="code">
          <input type="hidden" name="client_id" value="<client_id>">
          <input type="hidden" name="redirect_uri" value="<redirect_uri>">
          <input type="hidden" name="scope" value="openid">
          <input type="submit">
        </form>
      </body>
    </html>

Part of story #14714: be an OpenID Connect provider

[0] https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint

Change-Id: I1953767c569b4fb50ed3c5fdb4e35e8a1052e905
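The SameSite=Lax behaviour the commit message describes, as an added example that is not part of the commit or of Tuleap's code: a simplified model of the browser's decision to attach a cookie. The hostnames and the `siteOf`, `cookieIsSent` and `scenario` helpers are assumptions made for illustration, and the site comparison approximates the registrable domain instead of using the Public Suffix List.

```javascript
// Added illustration: simplified model of the SameSite rules in RFC 6265bis.
// Not Tuleap code; all names and hostnames below are hypothetical.

// "Safe" HTTP methods: the only ones for which Lax cookies ride along on a
// cross-site top-level navigation.
const SAFE_METHODS = new Set(["GET", "HEAD", "OPTIONS", "TRACE"]);

// Assumption: "site" is approximated as scheme + last two host labels.
// Real browsers use the Public Suffix List to find the registrable domain.
function siteOf(url) {
  const u = new URL(url);
  return u.protocol + "//" + u.hostname.split(".").slice(-2).join(".");
}

// Returns true when a cookie with the given SameSite value would be attached.
function cookieIsSent({ sameSite, initiatorUrl, targetUrl, method, topLevelNavigation }) {
  if (siteOf(initiatorUrl) === siteOf(targetUrl)) return true; // same-site request
  switch (sameSite) {
    case "None":
      return true; // browsers additionally require the Secure attribute
    case "Lax":
      return topLevelNavigation && SAFE_METHODS.has(method.toUpperCase());
    case "Strict":
      return false;
    default:
      return false; // unknown value: treated conservatively in this model
  }
}

// Constructed scenarios against a placeholder authorization endpoint.
const TARGET = "https://tuleap.example.com/oauth2/authorize";
function scenario(initiatorUrl, method, sameSite = "Lax") {
  return cookieIsSent({ sameSite, initiatorUrl, targetUrl: TARGET, method, topLevelNavigation: true });
}

const results = {
  // Redirect-style GET from a client on another site: session cookie is sent.
  crossSiteGet: scenario("https://client.example.org/login", "GET"),
  // The test form from the commit message hosted on another site: no cookie,
  // so the user arrives unauthenticated.
  crossSitePost: scenario("https://client.example.org/test.html", "POST"),
  // A form posted from the same site keeps the session.
  sameSitePost: scenario("https://tuleap.example.com/some/page", "POST"),
};
console.log(results);
```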

Modified Files

Name
M plugins/oauth2_server/include/AuthorizationServer/AuthorizationCodeResponseFactory.php +1 −1
R plugins/oauth2_server/include/AuthorizationServer/AuthorizationEndpointGetController.php
R plugins/oauth2_server/include/AuthorizationServer/AuthorizationEndpointPostController.php
M plugins/oauth2_server/include/AuthorizationServer/AuthorizationFormPresenterBuilder.php +1 −1
M plugins/oauth2_server/include/AuthorizationServer/RedirectURIBuilder.php +6 −6
M plugins/oauth2_server/include/oauth2_serverPlugin.php +11 −10
M plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationCodeResponseFactoryTest.php +2 −2
R plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationEndpointGetControllerTest.php
R plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationEndpointPostControllerTest.php
M plugins/oauth2_server/templates/authorization-form.mustache +1 −1