-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Spec violation: .well-known/openid-configuration must not be a redirect, return JSON directly #20
Comments
Having a look if a proxy pass as rewrite will work https://httpd.apache.org/docs/2.4/rewrite/proxy.html |
I can not reproduce the
|
@patrickjahns It's Going by the spec, |
@felix-schwarz Which I documented is not the case and can not be reproduced when accessing it directly. So what is left to do, is to resolve how to proxy the result from the url to the well know url |
@patrickjahns I see now that my comment wasn't worded clear enough. Sorry.
Yep! |
Below are the steps I have tried and I was not able to reproduce the issue.
|
@patrickjahns did fix this already -> close |
Description
According to the OpenID Connect Discovery 1.0 spec,
.well-known/openid-configuration
must return a200 OK
HTTP status response and the JSON directly:Current
The test server returns
301 Moved Permanently
, redirects tohttp://10.0.5.69:8080/index.php/apps/openidconnect/config
and returns atext/html
response.Expected
The test server returns a
200 OK
application/json
response with the set of claims.Version
The text was updated successfully, but these errors were encountered: