spring-security

History

Manuel Bleichenbacher d3490b0f87 Prevent double-escaping of authorize URL parameters If the authorization URL in the OAuth2 provider configuration contained query parameters with escaped characters, these characters were escaped a second time. This commit fixes it. It is relevant to support the OIDC claims parameter (see https://openid.net/specs/openid-connect-core-1_0.html#ClaimsParameter). Fixes gh-7871	2020-02-08 16:40:15 -05:00
..
src	Prevent double-escaping of authorize URL parameters	2020-02-08 16:40:15 -05:00
spring-security-oauth2-core.gradle	authorization_uri Uses UriComponentsBuilder	2018-12-21 13:23:47 -07:00

Manuel Bleichenbacher d3490b0f87 Prevent double-escaping of authorize URL parameters

If the authorization URL in the OAuth2 provider configuration contained query parameters with escaped characters, these characters were escaped a second time. This commit fixes it.

It is relevant to support the OIDC claims parameter (see https://openid.net/specs/openid-connect-core-1_0.html#ClaimsParameter).

Fixes gh-7871

2020-02-08 16:40:15 -05:00

src

Prevent double-escaping of authorize URL parameters

2020-02-08 16:40:15 -05:00

spring-security-oauth2-core.gradle

authorization_uri Uses UriComponentsBuilder

2018-12-21 13:23:47 -07:00