You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2018/07/12 10:02:00 UTC

[jira] [Created] (CXF-7788) Support POST method for OAuth authorization service

Colm O hEigeartaigh created CXF-7788:
----------------------------------------

             Summary: Support POST method for OAuth authorization service
                 Key: CXF-7788
                 URL: https://issues.apache.org/jira/browse/CXF-7788
             Project: CXF
          Issue Type: Task
            Reporter: Colm O hEigeartaigh
            Assignee: Colm O hEigeartaigh
             Fix For: 3.2.6


The OAuth 2.0 spec says that:

"The authorization server MUST support the use of the HTTP "GET" method [RFC2616] for the authorization endpoint and MAY support the use of the "POST" method as well."

The OIDC spec says:

"Authorization Servers MUST support the use of the HTTP GET and POST methods defined in RFC 2616 [RFC2616] at the Authorization Endpoint."

So we should support the POST method as well.

 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)