-
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug] Oauth2: Reuse TLS Certifcate valiadation and custom CA settings from preferences when accessing Auth and Token URLs #1684
Comments
pietrygamat
changed the title
Oauth2: Reuse TLS Certifcate valiadation and custom CA settings from preferences when accessing Auth and Token URLs
[Bug] Oauth2: Reuse TLS Certifcate valiadation and custom CA settings from preferences when accessing Auth and Token URLs
Mar 4, 2024
pietrygamat
added a commit
to pietrygamat/bruno
that referenced
this issue
Apr 12, 2024
…from preferences when accessing Auth and Token URLs usebruno#1684
Merged
5 tasks
pietrygamat
added a commit
to pietrygamat/bruno
that referenced
this issue
Apr 12, 2024
…from preferences when accessing Auth and Token URLs usebruno#1684 usebruno#1003
lizziemac
pushed a commit
to lizziemac/bruno
that referenced
this issue
May 4, 2024
…from preferences when accessing Auth and Token URLs (usebruno#2071) usebruno#1684 usebruno#1003
jwetzell
pushed a commit
to jwetzell/bruno
that referenced
this issue
Aug 2, 2024
…from preferences when accessing Auth and Token URLs (usebruno#2071) usebruno#1684 usebruno#1003
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In a test environment it may be expected to have some auth server not properly secured with TLS (domain mismatch/self-signed cert/etc). Although Bruno honors my customizations to TLS verificication when calling target URL without authorization, it will fail when attempting to obtain access token during OAuth2 flow, even though the endpoints are on the same server.
In example request.bru:
let's assume my test server on localhost is hosted using self-signed certificate. If I switch off TLS Verification or upload custom CA Certificate in Preferences:
I am able to pass TLS handshake when reaching for
https://localhost/userprofile
. If I however enable OAuth2, bruno will not use these same settings when making behind the scenes calls tohttps://localhost/auth
andhttps://localhost/token
, forcing me to install the CA system wide.Bruno: 1.10.0
#1003
The text was updated successfully, but these errors were encountered: