You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by "Sam Schlegel (JIRA)" <ji...@apache.org> on 2018/03/06 19:07:00 UTC
[jira] [Created] (AIRFLOW-2185) OAuth2 based auth backends include
query parameter in redirect_uri
Sam Schlegel created AIRFLOW-2185:
-------------------------------------
Summary: OAuth2 based auth backends include query parameter in redirect_uri
Key: AIRFLOW-2185
URL: https://issues.apache.org/jira/browse/AIRFLOW-2185
Project: Apache Airflow
Issue Type: Bug
Components: authentication
Affects Versions: 1.9.0
Reporter: Sam Schlegel
Assignee: Sam Schlegel
Both the Google OAuth2 and GHE authentication plugins include the `next_url` as a query parameter in `redirect_uri`. This breaks at least Google OAuth2, unless you include the query parameter in the authorized redirect URI. This isn't the most flexible solution, as you would have to do the same for every potential next URL.
Instead, the next_url should be passed via state, per [[RFC6749] Section 3.1.2|https://tools.ietf.org/html/rfc6749#section-3.1.2]
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)