Loading...

XML

Word

Printable

Details

Type: New Feature
Resolution: Fixed
Priority: Minor
Fix Version/s: 1.22
Affects Version/s: 1.21.3
Component/s: Authenticator
Labels:
None

Tests:

Unit
Difficulty:
Unknown
Documentation:
https://extensions.xwiki.org/xwiki/bin/view/Extension/OpenID%20Connect/OpenID%20Connect%20Authenticator/#Hxwiki.properties
Documentation in Release Notes:
N/A
Similar issues:

Description

When the connection library is setting a default Accept header which doesn't match the requirements of the authentication server or sending an invalid Accept header which is rejected by the authentication server, the authentication fails.

This could be solved by explicitly setting a Accept header that matches the requirements of the authentication server. Therefore, the oidc extension got the method

setAccept(final String accept)

https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/ae04c503efb5ee5695bbc3d42b988e7bf0670ef0/src/main/java/com/nimbusds/oauth2/sdk/http/HTTPRequest.java#lines-372

An example would be the the Microsoft Graph which checks for a correct Accept header and the unresolved OpenJDK issue, that it's sending an invalid Accept header if none is set explicitly.

https://bugs.openjdk.java.net/browse/JDK-8163921

This case also have been discussed https://forum.xwiki.org/t/issues-with-openid-office365/3548/17 without a solution yet. I hope, this issue helps clarifying the situation and the need of this feature to avoid faulty or incompatible default values.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

OIDC-94_add-accessheader.patch
2 kB
08/Jan/21 12:36

Activity

People

Assignee:: Thomas Mortagne

Reporter:: Muri

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 08/Jan/21 11:50

Updated:: 11/Jan/21 10:30

Resolved:: 08/Jan/21 15:33

Date of First Response:: 08/Jan/21 12:17 PM