-
Notifications
You must be signed in to change notification settings - Fork 6.1k
JwtDecoderProviderConfigurationUtils incorrectly handles issuer URI #15852
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Labels
Comments
bodograumann
added a commit
to bodograumann/spring-framework
that referenced
this issue
Sep 30, 2024
jzheaux
pushed a commit
to bodograumann/spring-security
that referenced
this issue
Feb 20, 2025
jzheaux
added a commit
to bodograumann/spring-security
that referenced
this issue
Feb 20, 2025
In the process of verifying spring-projectsgh-15852, another issue with URI was discovered. This commit adds tests to the uri-computing methods and changes them to use UriComponents instead of URI. Issue spring-projectsgh-15852
jzheaux
added a commit
to bodograumann/spring-security
that referenced
this issue
Feb 20, 2025
jzheaux
added a commit
that referenced
this issue
Feb 20, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
Describe the bug
JwtDecoderProviderConfigurationUtils
useUriComponentsBuilder
to modify aURI
inoidc
,oidcRfc8414
andoauth
.Due to a known issue in UriComponents builder (spring-projects/spring-framework#27774), this produces invalid URIs in the cases where the URI contains an
authority
, but nohost
.These still come up in practice though, e.g. see the following partial backtrace:
To Reproduce
shows what happens. It outputs:
Expected behavior
The correct oidc URI should be generated:
http://elated_sutherland:8080/auth/realms/my-realm/.well-known/openid-configuration
.The text was updated successfully, but these errors were encountered: