You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (Jira)" <ji...@apache.org> on 2021/01/04 09:47:04 UTC
[jira] [Closed] (CXF-8370)
org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService#startAuthorization(javax.ws.rs.core.MultivaluedMap)
shouldn't require an user
[ https://issues.apache.org/jira/browse/CXF-8370?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh closed CXF-8370.
------------------------------------
> org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService#startAuthorization(javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String>) shouldn't require an user
> ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: CXF-8370
> URL: https://issues.apache.org/jira/browse/CXF-8370
> Project: CXF
> Issue Type: Bug
> Affects Versions: 3.4.1
> Reporter: Romain Manni-Bucau
> Assignee: Colm O hEigeartaigh
> Priority: Major
> Fix For: 3.4.2
>
>
> Currently starting an authorization_code flow requires an UserContext because of org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService#getAndValidateSecurityContext but if it is required then you can never login (until you use 2 auth methods).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)