[jira] [Created] (CXF-8370) org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService#startAuthorization(javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String>) shouldn't require an user

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[jira] [Created] (CXF-8370) org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService#startAuthorization(javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String>) shouldn't require an user

Colm O hEigeartaigh (Jira)
Romain Manni-Bucau created CXF-8370:
---------------------------------------

             Summary: org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService#startAuthorization(javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String>) shouldn't require an user
                 Key: CXF-8370
                 URL: https://issues.apache.org/jira/browse/CXF-8370
             Project: CXF
          Issue Type: Bug
    Affects Versions: 3.4.1
            Reporter: Romain Manni-Bucau


Currently starting an authorization_code flow requires an UserContext because of org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService#getAndValidateSecurityContext but if it is required then you can never login (until you use 2 auth methods).



--
This message was sent by Atlassian Jira
(v8.3.4#803005)