Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-14248

Bad oAuth auth Request url encoding

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Blocker
    • Resolution: Won't Fix
    • Affects Version/s: 5.9.2
    • Fix Version/s: None
    • Component/s: OAuth

      Description

      When Nuxeo do a request to a oAuth provider, the URL callback encoded in the request is not encoded.

      Here is the configuration used :

      • I create a oAuth connection first in Admin center with the same configuration than below (a bug appear if you don't do it first)
      • copy in nxserver/config this contribution
      <?xml version="1.0"?>
<component name="org.nuxeo.ecm.platform.oauth2.openid.tequila" version="1.0">

  <extension
      target="org.nuxeo.ecm.platform.oauth2.openid.OpenIDConnectProviderRegistry"
          point="providers">
     <provider>
       <name>TequilaID</name>
       <label>Tequila</label>
       <clientId>d105291375833502156e51a8@epfl.ch</clientId>
       <clientSecret>fe526d17f4413e50c3e465dccaafdeed</clientSecret>
       <description>Login using your Tequila account</description>
       <authorizationServerURL>https://tequila.epfl.ch/OAUTH2IdP/auth</authorizationServerURL>
       <tokenServerURL>https://tequila.epfl.ch/OAUTH2IdP/token</tokenServerURL>
       <userInfoURL>https://tequila.epfl.ch/OAUTH2IdP/userinfo</userInfoURL>
       <userInfoClass>org.nuxeo.tequila.oauth.TequilaUserInfo</userInfoClass>
       <scope>profile</scope>
       <icon>/img/bouteille-de-tequila-olmeca-re.png</icon>
       <userResolverClass>org.nuxeo.tequila.oauth.TequilaInfoResolver</userResolverClass>
     </provider>
</extension>

  <!--extension
    target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService"
    point="loginScreen">

    <loginScreenConfig>

      <headerStyle>#DDDDDD</headerStyle>
      <newsIframeUrl></newsIframeUrl>
      <disableBackgroundSizeCover>true</disableBackgroundSizeCover>

      <loginProviders>
        <loginProvider name="TequilaID" label="Tequila" class="org.nuxeo.ecm.platform.oauth2.openid.OpenIDConnectProvider">
          <iconPath>nuxeo.war/img/bouteille-de-tequila-olmeca-re.png</iconPath>
          <link>News</link>
        </loginProvider>
      </loginProviders>
    </loginScreenConfig>

  </extension-->
  
</component>

      Problem:

      • When I click on Tequila link in the login form I have the following redirect with 2 "?". Here is the redirect done :
      https://tequila.epfl.ch/OAUTH2IdP/auth?client_id=d105291375833502156e51a8@epfl.ch&redirect_uri=http://kissrv69.epfl.ch/nuxeo/nxstartup.faces?provider%3DTequilaID%26forceAnonymousLogin%3Dtrue&response_type=code&scope=https://tequila.epfl.ch/OAUTH2IdP/token&state=aga71oc7783k7rt9689bquir6g

        Attachments

          Activity

            People

            • Votes:
              8 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: