This repository was archived by the owner on Dec 12, 2018. It is now read-only.
This repository was archived by the owner on Dec 12, 2018. It is now read-only.
social v2: login model shows authorizeUri when it shouldn't #1159
Description
If the webConfig has status DISABLED and has /login status ENABLED, the login model will still show an authorizeUri for defined providers with a null domain name.
authorizeUri should not be shown if webConfig is DISABLED, regardless of other endpoint settings within webConfig.
Steps to reproduce:
- Disable webconfig, but enable /login
- Make sure at least one social provider is configured for the application
-
Fire up a sample app connected to the Application, such as the Spring Boot WebMVC example.
-
http http://localhost:8080/login
You'll see output like:
{
"accountStores": [
{
"authorizeUri": "https://null/authorize?response_type=stormpath_token&account_store_href=https%3A%2F%2Fapi.stormpath.com%2Fv1%2Fdirectories%2F12OvcZl9yQuldBGw7X0LZs",
"href": "https://api.stormpath.com/v1/directories/12OvcZl9yQuldBGw7X0LZs",
"name": "Demo-Facebook",
"provider": {
"clientId": "794907687304823",
"href": "https://api.stormpath.com/v1/directories/12OvcZl9yQuldBGw7X0LZs/provider",
"providerId": "facebook",
"scope": "public_profile email"
}
},
...
],
"form": {
"fields": [
{
"label": "Username or Email",
"name": "login",
"placeholder": "Username or Email",
"required": true,
"type": "text"
},
{
"label": "Password",
"name": "password",
"placeholder": "Password",
"required": true,
"type": "password"
}
]
}
}
(Notice the null in the authorizeUri. Under these conditions, the authorizeUri should not be there at all)