You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Expected:
The filter oauthTokenintrospectionAllKV("http://configurl", "key", "value") should call the introspection_endpoint with form parameters token=$token as per https://tools.ietf.org/html/rfc7662#section-2.1
Actual:
The filter sends the form parameters access_token=$token
Yes please, weird I thought I checked it against one of our IAM backends.
Can you create a PR to change https://github.com/zalando/skipper/blob/master/filters/auth/auth.go#L48 variable and check where it it used?
It should be only used in the oauthTokenintrospection* filters and if so it's fine to fix it according to the RFC.
Expected:
The filter
oauthTokenintrospectionAllKV("http://configurl", "key", "value")
should call theintrospection_endpoint
with form parameterstoken=$token
as per https://tools.ietf.org/html/rfc7662#section-2.1Actual:
The filter sends the form parameters
access_token=$token
See:
skipper/filters/auth/authclient.go
Line 105 in 3a77112
I can create a PR to change this if it's wanted?
The text was updated successfully, but these errors were encountered: