Uploaded image for project: 'UY'
  1. UY
  2. UY-735

Parsing of HTTP Basic authN of OAuth clients broken

    Details

    • Type: Bug
    • Status: Done
    • Priority: Medium
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: v2.6.0
    • Labels:
      None

      Description

      According to OAuth2 RFC the username and secret of the client shall be initially URL encoded. Unity does the right thing when encoding the requests, but not when authenticating clients - we always use the plain HTTP basic.

        Attachments

          Activity

            People

            • Assignee:
              golbi Krzysztof Benedyczak
              Reporter:
              golbi Krzysztof Benedyczak
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: