Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-2356

Revisit org.wildfly.security.http.oidc.OidcClientConfigurationBuilder#sanitizeProviderUrl

    XMLWordPrintable

Details

    Description

      Check to see if the OidcClientConfigurationBuilder#sanitizeProviderUrl method is actually needed. It's currently called when setting the providerUrl here.

      It seems that Azure relies on the trailing slash being present as described in this forum post: https://groups.google.com/g/wildfly/c/Jez_5ieZHkE/m/2nrWF0ONAQAJ

      The presence of a trailing slash is already accounted for when determining the discovery URL so it might be possible to remove the call to sanitizeProviderUrl (see https://github.com/wildfly-security/wildfly-elytron/blob/1.x/http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcClientConfiguration.java#L256-L280).

      Attachments

        Activity

          People

            fjuma1@redhat.com Farah Juma
            fjuma1@redhat.com Farah Juma
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: