eSeGeCe
software
You need to be logged in to view a user's profile.
Good morning,
I'm struggling with an issue I didn't have before (I think).
I tested authentication using both TsgcHTTP_OAuth2_Client & Postman a couple of versions back and both work fine.
Upon a client starting to test, Postman and their environment are failing with a 408 (the new OAuth2OAuth2Unauthorized catches (thank you)), and it's down to the redirect URL not being decoded.
TsgcHTTP_OAuth2_Client is passing unencoded, Postman encoded:
sgc:
GET /oauth2/auth?response_type=code&client_id=client-id&redirect_uri=http://127.0.0.1:8080&scope=Administrator&state=605B22FF41024245999B23704532340C HTTP/1.1
Postman:
GET /oauth2/auth?response_type=code&client_id=client-id&redirect_uri=http%3A%2F%2F127.0.0.1%3A8080 HTTP/1.1
if I hack:
vRedirectURI := TIdURI.URLDecode(oParams.Values['redirect_uri']);
aRequest.Redirect_URI := TIdURI.URLDecode(oParams.ValueFromIndex[i])
if works, but isn't the answer, is it possible in future to decode the Params, I know they are used everywhere so a lot of work/testing.
Ryszard
I'm struggling with an issue I didn't have before (I think).
I tested authentication using both TsgcHTTP_OAuth2_Client & Postman a couple of versions back and both work fine.
Upon a client starting to test, Postman and their environment are failing with a 408 (the new OAuth2OAuth2Unauthorized catches (thank you)), and it's down to the redirect URL not being decoded.
TsgcHTTP_OAuth2_Client is passing unencoded, Postman encoded:
sgc:
GET /oauth2/auth?response_type=code&client_id=client-id&redirect_uri=http://127.0.0.1:8080&scope=Administrator&state=605B22FF41024245999B23704532340C HTTP/1.1
Postman:
GET /oauth2/auth?response_type=code&client_id=client-id&redirect_uri=http%3A%2F%2F127.0.0.1%3A8080 HTTP/1.1
if I hack:
vRedirectURI := TIdURI.URLDecode(oParams.Values['redirect_uri']);
aRequest.Redirect_URI := TIdURI.URLDecode(oParams.ValueFromIndex[i])
if works, but isn't the answer, is it possible in future to decode the Params, I know they are used everywhere so a lot of work/testing.
Ryszard