Pushed this fix in meecrowave oauth2. Happy to remove this hack with 3.1.10 ;)
Le 13 janv. 2017 21:13, "Sergey Beryozkin" <[email protected]> a écrit : > Hi Romain > > I recall I was experimenting with this provider awhile back (as part of > our internal demo, at the RP side), and it worked. But it was awhile since > I looked at it. > > The actual JwsUtils returns in this case a validated JWS sequence > (headers+payload). > > Oh, I see, that is diff provider, I was ref to the one used on the RP > side, and you - to the session authenticity one. Might be a bug, will check > on Mon > > Thanks, Sergey > On 13/01/17 18:11, Romain Manni-Bucau wrote: > >> In the mentionned method we have: >> >> stateString = JwsUtils.verify(jws, stateString).getUnsignedEncode >> dSequence(); >> >> >> should we get: >> >> stateString = JwsUtils.verify(jws, stateString).getDecodedJwsPayload(); >> >> >> ? >> >> Otherwise i don't see how the round trip can work >> >> Romain Manni-Bucau >> @rmannibucau <https://twitter.com/rmannibucau> | Blog >> <https://blog-rmannibucau.rhcloud.com> | Old Blog >> <http://rmannibucau.wordpress.com> | Github < >> https://github.com/rmannibucau> | >> LinkedIn <https://www.linkedin.com/in/rmannibucau> | JavaEE Factory >> <https://javaeefactory-rmannibucau.rhcloud.com> >> >> > > -- > Sergey Beryozkin > > Talend Community Coders > http://coders.talend.com/ >
