[NXP-25342] Fix OAuth2 authentication in cluster - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Won't Fix
Affects Version/s: 7.10
Fix Version/s: None
Component/s: OAuth

Tags:
- SupCom
Backlog priority:
300
Sprint:
nxfit 10.3.1, nxfit 10.3.2, nxfit 10.3.3, nxfit 10.3.4, nxfit 10.3.5, nxfit 10.3.6, nxfit 10.3.7, nxfit 10.3.8
Story Points:
5

Description

After calling /oauth2/authorization, the AuthorizationRequest are stored in AuthorizationRequest#requests which is a static Map.

When calling /oauth2/token, we retrieve the AuthorizationRequest from the Map given the authoriation code.
=> If the call /oauth2/token is done on another node, the AuthorizationRequest does not exist.

AuthorizationRequest should probably be stored in Redis to avoid any issue.

The bug has been fixed in 9.2 thanks to ~~NXP-22329~~. Now we need a solution for 7.10 (and 8.10 if the customer moves to LTS 2016).

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

0001-NXP-25342-make-OAuth2-authorization-work-in-cluster.patch
19 kB
2019-02-14 10:21

Issue Links

depends on

NXP-22329 Fix OAuth2 authentication in cluster

Resolved

Activity

People

Assignee:

Thomas Roger

Reporter:

Thierry Martins

Participants:

Thierry Martins, Thomas Roger

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

2018-07-09 11:51

Updated:

2019-02-14 10:24

Resolved:

2019-02-14 10:22

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

1d 1h