This repository has been archived by the owner on Jan 8, 2020. It is now read-only.
Double URL encoded parameter in test: Request with redirect_uri with query component #8
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
In the authorization request, the parameter redirect_uri has been URL encoded two times:
Original Value
https%253A%2F%2Fopenidtest.uninett.no%2Fauthz_cb%253Ffox%253Dbat
1st URL Decode
https%3A//openidtest.uninett.no/authz_cb%3Ffox%3Dbat
2nd URL Decode
https://openidtest.uninett.no/authz_cb?fox=bat
Here is my complete debug output:
0.002612 EXPORT
0.016228 Started key provider
1.018564 ======================================================================
1.018781 <-- FUNCTION: discover
1.018910 <-- ARGS: {'features': {u'key_export': True, u'registration': True, u'session_management': True, u'discovery': True}, 'location': '', 'trace': <oictest.base.Trace object at 0x1fe0b90>, 'issuer': u'https://seed.gluu.org'}
2.251798 {u'https://seed.gluu.org': {'ver': {'rsa': [<M2Crypto.RSA.RSA_pub instance at 0x2063c20>, <M2Crypto.RSA.RSA_pub instance at 0x2063c68>, <M2Crypto.RSA.RSA_pub instance at 0x2063cb0>]}, 'dec': {}, 'enc': {}, 'sig': {}}, '.': {'ver': {'rsa': [<M2Crypto.RSA.RSA_pub instance at 0x2054758>]}, 'dec': {}, 'enc': {}, 'sig': {'rsa': [<M2Crypto.RSA.RSA_pub instance at 0x2054758>]}}}
2.252293 ======================================================================
2.252998 --> URL: https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/register
2.253008 --> BODY: client_id=&redirect_uris=https%3A%2F%2Fopenidtest.uninett.no%2Fauthz_cb&type=client_associate&jwk_url=http%3A%2F%2Fopenidtest.uninett.no%3A8090%2Fexport%2Fjwk.json&x509_url=http%3A%2F%2Fopenidtest.uninett.no%3A8090%2Fexport%2Fcert.pem
2.253018 --> HEADERS: {'content-type': 'application/x-www-form-urlencoded'}
3.075780 <-- RESPONSE: <Response [200]>
3.093311 <-- CONTENT: {"client_id":"@!1111!0008!E943.3D85","client_secret":"339584c6-103e-48e8-ac04-d132060583cd","expires_at":1349280212}
3.093339 <-- COOKIES: {'JSESSIONID': '773CDAA535EE6940A8C09BD7942A44D4'}
3.096136 [RegistrationResponseCARS]: {'client_secret': u'339584c6-103e-48e8-ac04-d132060583cd', 'expires_at': 1349280212, 'client_id': u'@!1111!0008!E943.3D85'}
3.096236 ======================================================================
3.097052 --> URL: https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/authorize?nonce=Mn4FCaqydhFQ&state=STATE0&redirect_uri=https%253A%2F%2Fopenidtest.uninett.no%2Fauthz_cb%253Ffox%253Dbat&response_type=code&client_id=%40%211111%210008%21E943.3D85&scope=openid
3.097063 --> BODY: None
3.782785 <-- RESPONSE: <Response [400]>
3.783056 <-- CONTENT: {"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"STATE0"}
3.783073 <-- COOKIES: {'JSESSIONID': '6952691AE7755A97D3586A63C4168D73'}
The text was updated successfully, but these errors were encountered: