-
Bug
-
Resolution: Done
-
Major
-
2.5.1.Final
-
None
If openid-configuration does not contain request_parameter_supported (which is an optional value, see [1]) a NullPointerException is thrown in OidcClientConfiguration.resolveUrls.
Wildfly/Elytron just logs "Unable to load OpenID provider metadata from XXX" and no further information is shown.
We have analyzed this issue and the cause is that OidcProviderMetadata#requestParameterSupported is of type Boolean but in OidcClientConfiguration.resolveUrls it is cast without null check to boolean:
[1]https://openid.net/specs/openid-connect-discovery-1_0.html
- is caused by
-
ELY-2584 Add the ability to specify that the OIDC Authentication Request should include request and request_uri parameters
- Resolved
- is cloned by
-
WFLY-19678 Unable to load OpenID provider metadata if parameter "request_parameter_supported" is not present in openid provider metadata
- Open
- is incorporated by
-
WFCORE-6968 Upgrade WildFly Elytron to 2.5.2.Final
- Resolved