You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the issue:
According to the OIDCC Specification - 3.1.2.6 Section, if the authorization request includes the state parameter, the error response should contain that state value. But in the Form Post mode, the error response only contains the error and error_description parameters.
How to reproduce:
Send a request to the authorization endpoint with response_mode=form_post, prompt=none and with a state value.
For example: https://localhost.com:9443/oauth2/authorize?client_id=NBLGP4u0_1nMUfTkweIvvDISyjQa&redirect_uri=https://localhost.emobix.co.uk:8443/test/a/test/callback&scope=openid&state=WCd2wWyXvOOk9CteGQPaMCOwte6hQMGeKzqfLQtGiTPsaRt2MMv0SBBhnsuLpJfo1hT2aiPg5VjeI2qCT00jpX1Dg26XEAZiCxq32WqbzuR4PuSvhq9MukGC0KxJjH4r&nonce=vo46KcYXSv&response_type=code&response_mode=form_post&prompt=none
A POST error response would be received with the response parameters in the form data as follows.
Expected behavior:
Since a state value is included in the request, the response parameters should have a state parameter.
Environment information:
Product Version: IS 5.12.0-alpha6
OS: Mac
The text was updated successfully, but these errors were encountered:
Describe the issue:
According to the OIDCC Specification - 3.1.2.6 Section, if the authorization request includes the state parameter, the error response should contain that state value. But in the Form Post mode, the error response only contains the error and error_description parameters.
How to reproduce:
Send a request to the authorization endpoint with response_mode=form_post, prompt=none and with a state value.
For example:
https://localhost.com:9443/oauth2/authorize?client_id=NBLGP4u0_1nMUfTkweIvvDISyjQa&redirect_uri=https://localhost.emobix.co.uk:8443/test/a/test/callback&scope=openid&state=WCd2wWyXvOOk9CteGQPaMCOwte6hQMGeKzqfLQtGiTPsaRt2MMv0SBBhnsuLpJfo1hT2aiPg5VjeI2qCT00jpX1Dg26XEAZiCxq32WqbzuR4PuSvhq9MukGC0KxJjH4r&nonce=vo46KcYXSv&response_type=code&response_mode=form_post&prompt=none
A POST error response would be received with the response parameters in the form data as follows.
Expected behavior:
Since a state value is included in the request, the response parameters should have a state parameter.
Environment information :
The text was updated successfully, but these errors were encountered: