Skip to content
Browse files

CFID-270: change default vmc callback url to https

Also defensively add https redirect to cloudfoundry clients

Change-Id: Iae60445f4f498b0049192e4b65ac2c69609f3dcb
  • Loading branch information...
1 parent 7c7c776 commit ee17521a3b95ea2b725e7c0d689a9fec4a30be7a @dsyer dsyer committed
Showing with 3 additions and 1 deletion.
  1. +2 −0 .gitignore
  2. +1 −1 lib/uaa/token_issuer.rb
View
2 .gitignore
@@ -4,3 +4,5 @@ Gemfile.lock
pkg/
doc/
coverage/
+spec_reports/
+vendor/
View
2 lib/uaa/token_issuer.rb
@@ -57,7 +57,7 @@ def prompts
# as specified by the information retrieved by #prompts
def implicit_grant_with_creds(credentials, scope = nil)
# this manufactured redirect_uri is a convention here, not part of OAuth2
- redir_uri = "http://uaa.cloudfoundry.com/redirect/#{@client_id}"
+ redir_uri = "https://uaa.cloudfoundry.com/redirect/#{@client_id}"
uri = authorize_path_args("token", redir_uri, scope, state = SecureRandom.uuid)
# the accept header is only here so the uaa will issue error replies in json to aid debugging

0 comments on commit ee17521

Please sign in to comment.
Something went wrong with that request. Please try again.