bug: SSO userinfo request is using HTTP POST method #4898

Closed
wvandeun opened this issue Nov 8, 2024 · 0 comments
Labels
- group/backend: Issue related to the backend (API Server, Git Agent)
- priority/1: This issue must be fixed/implemented ASAP, it's a blocker for a release
- type/bug: Something isn't working as expected

wvandeun commented Nov 8, 2024

Component

API Server / GraphQL

Infrahub version

1.0.2

Current Behavior

The userinfo request during the OAUTH2 and OIDC process is sent using an HTTP POST.
Some authorization servers only support this using an HTTP GET request.

According to the spec, both methods are supported and it is recommended to use HTTP GET:
https://openid.net/specs/openid-connect-core-1_0.html#UserInfoRequest

When we send the userinfo request using an HTTP POST to a server that only supports this using an HTTP GET, we will get back an HTTP 404 response. This response will not contain a JSON payload, which will cause an exception to be raised:

body=response.json(),

Expected Behavior

Support calling the userinfo endpoint using the HTTP GET method

Steps to Reproduce

Configure an SSO authorization server that only supports the userinfo request using HTTP GET in Infrahub.

Additional Information

No response

@wvandeun wvandeun added type/bug Something isn't working as expected group/backend Issue related to the backend (API Server, Git Agent) labels Nov 8, 2024
@exalate-issue-sync exalate-issue-sync bot added the priority/1 This issue must be fixed/implemented ASAP, it's a blocker for a release label Nov 8, 2024
@exalate-issue-sync exalate-issue-sync bot added this to the Infrahub - 1.0.x milestone Nov 8, 2024
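
The failure mode reported above, as an added example that is not Infrahub's code: a userinfo call that defaults to HTTP GET with the access token in the `Authorization: Bearer` header, and that checks the status and content type before parsing JSON so a 404 surfaces as a clear error. `fetch_userinfo`, `UserInfoError`, `GetOnlyProvider`, the token and the claims are constructed for illustration.

```python
import json
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

class UserInfoError(Exception):
    """The userinfo endpoint did not return usable JSON claims."""

def fetch_userinfo(url, access_token, method="GET"):
    """Send the token as a Bearer header; check status and type before parsing."""
    req = urllib.request.Request(
        url, method=method, headers={"Authorization": f"Bearer {access_token}"})
    try:
        with urllib.request.urlopen(req, timeout=5) as resp:
            ctype, raw = resp.headers.get_content_type(), resp.read()
    except urllib.error.HTTPError as exc:
        # Error bodies are often HTML or empty: report the status, never parse them.
        raise UserInfoError(f"userinfo {method} returned HTTP {exc.code}") from exc
    if ctype != "application/json":  # signed application/jwt replies not handled here
        raise UserInfoError(f"unexpected content type {ctype!r}")
    return json.loads(raw)

class GetOnlyProvider(BaseHTTPRequestHandler):
    """Constructed stand-in for a provider that only routes GET on /userinfo."""
    log_message = lambda self, *args: None  # keep the demo quiet

    def _send(self, status, ctype, body):
        self.send_response(status)
        self.send_header("Content-Type", ctype)
        self.end_headers()
        self.wfile.write(body.encode())

    def do_GET(self):
        ok = self.headers.get("Authorization") == "Bearer constructed-token"
        body = {"sub": "user-1"} if ok else {"error": "invalid_token"}
        self._send(200 if ok else 401, "application/json", json.dumps(body))

    def do_POST(self):  # mirrors the reported behaviour: 404 with a non-JSON body
        self._send(404, "text/html", "<h1>Not Found</h1>")

def demo(method):
    """Call the stand-in provider; return the claims or the error text."""
    server = HTTPServer(("127.0.0.1", 0), GetOnlyProvider)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        url = f"http://127.0.0.1:{server.server_port}/userinfo"
        return fetch_userinfo(url, "constructed-token", method)
    except UserInfoError as exc:
        return str(exc)
    finally:
        server.shutdown()
        server.server_close()
```
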