Skip to content

The additionalParameters array parameter of OAuth2AuthorizationRequest causes the authorizationRequestUri to be incorrect #15468

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
chenzhenjia opened this issue Jul 24, 2024 · 0 comments · Fixed by #15533
Closed

The additionalParameters array parameter of OAuth2AuthorizationRequest causes the authorizationRequestUri to be incorrect #15468

chenzhenjia opened this issue Jul 24, 2024 · 0 comments · Fixed by #15533
Assignees
@sjohnr
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: duplicate A duplicate of another issue type: bug A general bug
Milestone
5.8.15

Comments

@chenzhenjia
Copy link
Contributor

Describe the bug
The additionalParameters array parameter of OAuth2AuthorizationRequest causes the authorizationRequestUri to be incorrect

To Reproduce
Access the spring authorization server http://127.0.0.1:3000/oauth2/authorize?scope=openid%20profile&client_id=xx&response_type=code&state=12345&test=1&test=2
java code:

    OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode()
        .authorizationUri(authorizationCodeRequestAuthentication.getAuthorizationUri()) // http://127.0.0.1:3000/oauth2/authorize
        .clientId(registeredClient.getClientId()) //xxx
        .redirectUri(authorizationCodeRequestAuthentication.getRedirectUri())
        .scopes(authorizationCodeRequestAuthentication.getScopes())
        .state(state)
        .additionalParameters(authorizationCodeRequestAuthentication.getAdditionalParameters()) // map: {"test":["1","2"]}
        .build();
  authorizationRequest.getAuthorizationRequestUri() // http://127.0.0.1:3000/oauth2/authorize?response_type=code&client_id=xx&scope=openid%20profile&state=12345&test=%5BLjava.lang.String;@14ec7490

http://127.0.0.1:3000/oauth2/authorize?response_type=code&client_id=xx&scope=openid%20profile&state=12345&test=%5BLjava.lang.String;@14ec7490
The parameter test is wrong

Expected behavior
http://127.0.0.1:3000/oauth2/authorize?response_type=code&client_id=xx&scope=openid%20profile&state=12345&test=1&test=2
@chenzhenjia chenzhenjia added status: waiting-for-triage An issue we've not yet triaged type: bug A general bug labels Jul 24, 2024
@chenzhenjia chenzhenjia mentioned this issue Aug 7, 2024
Merged
@sjohnr sjohnr self-assigned this Aug 23, 2024
@sjohnr sjohnr added the in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) label Aug 23, 2024
sjohnr pushed a commit to chenzhenjia/spring-security that referenced this issue Sep 19, 2024
@chenzhenjia @sjohnr
Fix array values of additionalParameters
d40b242 
Closes spring-projectsgh-15468
@sjohnr sjohnr closed this as completed in 24dbc5d Sep 19, 2024
@sjohnr sjohnr modified the milestone: 5.8.15 Sep 19, 2024
@sjohnr sjohnr added status: duplicate A duplicate of another issue and removed status: waiting-for-triage An issue we've not yet triaged labels Sep 19, 2024
@sjohnr sjohnr mentioned this issue Sep 19, 2024
Closed
sjohnr pushed a commit that referenced this issue Sep 19, 2024
@chenzhenjia @sjohnr
Fix array values of additionalParameters
8a79102 
Closes gh-15468
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sjohnr sjohnr

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: duplicate A duplicate of another issue type: bug A general bug
Projects
None yet
Milestone
5.8.15
2 participants
@sjohnr @chenzhenjia