DefaultOAuth2AuthorizationRequestResolver Should Not Consume Request Body #8651

eamelink · 2020-06-04T09:38:17Z

Per the servlet spec, getParameter(name) consumes the request body for POST requests. This commit prevents DefaultOAuth2AuthorizationRequestResolver from consuming the request body for non-Authorization requests.

Fixes #8650

Per the servlet spec, getParameter(name) consumes the request body for POST requests. This commit prevents DefaultOAuth2AuthorizationRequestResolver from consuming the request body for non-Authorization requests.

jzheaux · 2020-06-05T20:36:34Z

Thanks, @eamelink! This is now merged into master via cd3fd67

Don't consume request body. Fixes spring-projectsgh-8650

69685a8

Per the servlet spec, getParameter(name) consumes the request body for POST requests. This commit prevents DefaultOAuth2AuthorizationRequestResolver from consuming the request body for non-Authorization requests.

spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Jun 4, 2020

jzheaux self-assigned this Jun 5, 2020

jzheaux added in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement and removed status: waiting-for-triage An issue we've not yet triaged labels Jun 5, 2020

jzheaux closed this Jun 5, 2020

jzheaux changed the title ~~Don't consume request body. Fixes gh-8650~~ DefaultOAuth2AuthorizationRequestResolver Should Not Consume Request Body Jun 5, 2020

jzheaux added this to the 5.4.0-M2 milestone Jun 5, 2020

jzheaux added the status: duplicate A duplicate of another issue label Jun 9, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

DefaultOAuth2AuthorizationRequestResolver Should Not Consume Request Body #8651

DefaultOAuth2AuthorizationRequestResolver Should Not Consume Request Body #8651

Uh oh!

eamelink commented Jun 4, 2020

Uh oh!

jzheaux commented Jun 5, 2020

Uh oh!

Uh oh!

DefaultOAuth2AuthorizationRequestResolver Should Not Consume Request Body #8651

DefaultOAuth2AuthorizationRequestResolver Should Not Consume Request Body #8651

Uh oh!

Conversation

eamelink commented Jun 4, 2020

Uh oh!

jzheaux commented Jun 5, 2020

Uh oh!

Uh oh!