- changed status to open
AuthorizationSuccessResponse does not support query params in the redirect URI
When the redirect URI has a query param in it, the AuthorizationSuccessResponse's toURI method just adds another ?code=xxxxxxxxxx to it, which means the redirect URI now has 2 question marks in it. Since section 3.1.2 of the OAuth 2 spec states that query parameters must be supported in the redirect URI, this kinda blocks us. I've temporarily worked around it by extending the AuthorizationSuccessResponse class and overriding the toURI() method with the following code:
@Override public URI toURI() throws SerializeException { UriBuilder urib = UriBuilder.fromUri(getRedirectionURI());
// Add query params
Map<String, String> params = toParameters();
for (Entry<String, String> param : params.entrySet()) {
urib.queryParam(param.getKey(), param.getValue());
}
return urib.build();
}
Comments (6)
-
-
Hang on, which version of the SDK do you have?
This should have been fixed a while ago, in version 4.14.2: https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/issues/140/handle-query-component-in-original
-
reporter That does look the same, but this is still an issue as well: https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/149/authorizationrequestparse-final-uri-uri
-
- changed status to duplicate
Duplicate of
#140. -
The URL parsing ticket was moved as it was originally posted under a different library:
-
Fix for issue
#147released in SDK v4.16.1:http://search.maven.org/#artifactdetails|com.nimbusds|oauth2-oidc-sdk|4.16.1|jar
- Log in to comment
Thanks for reporting this. We'll add a test to confirm the bug and then proceed with the fix.