8000 Handle form-post as a response mode by Firstyear · Pull Request #3467 · kanidm/kanidm · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Handle form-post as a response mode #3467

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Mar 5, 2025
Merged

Handle form-post as a response mode #3467

merged 2 commits into from
Mar 5, 2025

Conversation

Firstyear
Copy link
Member

Some oauth2 clients apparently ignore what we tell them and request response modes we don't support.

First, we should deserialise these and error correctly.

Second, to maintain temporary compatibility, we remap form-post to query. This will be removed in future.

Fixes #3461

Checklist

  • This PR contains no AI generated code
  • book chapter included (if relevant)
  • design document included (if relevant)

@Firstyear
Handle form-post as a response mode
8a392ab 
Some oauth2 clients apparently ignore what we tell them
and request response modes we don't support.

First, we should deserialise these and error correctly.

Second, to maintain temporary compatibility, we remap
form-post to query. This will be removed in future.
@Firstyear Firstyear marked this pull request as ready for review February 26, 2025 04:18
@github-project-automation github-project-automation bot moved this from 🆕 New to 🔖 Ready in Organising Everything Mar 5, 2025
@Firstyear Firstyear merged commit dcd5cd2 into kanidm:master Mar 5, 2025
24 checks passed
@github-project-automation github-project-automation bot moved this from 🔖 Ready to ✅ Done in Organising Everything Mar 5, 2025
@Firstyear Firstyear deleted the 20250226-form-post branch March 5, 2025 03:21
CEbbinghaus
CEbbinghaus reviewed Mar 9, 2025
View reviewed changes
server/lib/src/idm/oauth2.rs
warn!(
"Invalid response mode form_post requested - many clients request this incorrectly but proceed with response_mode=query. Remapping to query."
);
warn!("This behaviour WILL BE REMOVED in a future release.");
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sorry to necro but this is gonna be a hard sell. Once we support it removing support for it becomes significantly harder given that we would be breaking people's existing working setups.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We've done it before - before we remove it, we can convert it to a compatibility boolean, and then gauge affected users.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@CEbbinghaus CEbbinghaus CEbbinghaus left review comments

@yaleman yaleman yaleman approved these changes

Assignees
No one assigned
Labels
None yet
Projects
Organising Everything
Status: ✅ Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

OIDC error with 1.5.0
3 participants
@Firstyear @yaleman @CEbbinghaus
0