-
-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
breakfix: Login hint and Additional Scopes broken #23
Comments
Yea.. run into this issue with redirecting to expired HTML pages (see https://github.com/authp/authp.github.io/issues/38): File: pkg/authz/handlers/redirect.go Just set the "&" separator after if len(rr.Redirect.LoginHint) > 0 {
loginHint := rr.Redirect.LoginHint
escapedLoginHint := url.QueryEscape(loginHint)
rr.Redirect.AuthURL = fmt.Sprintf("%s%slogin_hint=%s", rr.Redirect.AuthURL, rr.Redirect.Separator, escapedLoginHint)
rr.Redirect.Separator = "&"
}
if len(rr.Redirect.AdditionalScopes) > 0 {
additionalScopes := rr.Redirect.AdditionalScopes
escapedAdditionalScopes := url.QueryEscape(additionalScopes)
rr.Redirect.AuthURL = fmt.Sprintf("%s%sadditional_scopes=%s", rr.Redirect.AuthURL, rr.Redirect.Separator, escapedAdditionalScopes)
rr.Redirect.Separator = "&"
} |
Thanks for your answer, this was my fault when added the Additional Scopes functionality. I will add the fix plus going to write some tests to avoid forget this kind of things. |
Merged. |
FYI, the fix is now a part of v1.1.15 release. |
When using one of this features, the separator for the "Location" when redirecting remains as "?" instead "&". The configureRedirect function should be responsible to update the separator value after adding login_hint and/or additional_scopes.
Current behaviour:
Expected:
The text was updated successfully, but these errors were encountered: