Details

    • Type: Improvement
    • Status: Resolved
    • Priority: High
    • Resolution: Fixed
    • Affects Version/s: 4.2.1, 4.4.1
    • Fix Version/s: 4.9.0
    • Component/s: Security
    • Labels:
      None

      Description

      Sometimes specific implementations of OpenID Connect or other OAuth implementations require certain parameters in the query string. For example, OpenAM's implementation of OpenID Connect may look like this:

      https://<hostname>/openam/oauth2/authorize?realm=Employees
      

      If this URL is used as part of the Auth URL, the resulting request will be:

      https://<hostname>/openam/oauth2/authorize?realm=Employees?client_id=XXXXXXXXXXX&scope=openid%20profile%20email&redirect_uri=http://<hostname2>/artifactory/api/oauth2/loginResponse&state=-5989794787979546701&response_type=code&approval_prompt=force
      

      Notice the use of the second *?* *authorize?realm=Employees?* which causes this request to fail.

      It would be helpful if Artifactory smartly interpreted the *?* in the URL and used an *&* instead of a second *?*.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                danf Dan Feldman
                Reporter:
                arturoa Arturo Aparicio
              • Votes:
                3 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: