[
https://issues.apache.org/jira/browse/GUACAMOLE-1966?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mohammed Ishaque Ibrahim updated GUACAMOLE-1966:
------------------------------------------------
Description:
I have made changes to openid module to support the PKCE flow for a project.
While this works, the query parameter from URL that is passed as redirect from
idp (mainly authcode and other parameter that is returned post authentication
by idp) sticks around.
With the queryparmeter intact if user logout from user menu and try to
connect, the expired auth code and other parameters are passed to
authenticateUser method. This complicate the logic for handling the code grant
flow logic.
was:I have made changes to openid module to support the PKCE flow for a
project. While this works, Is there a way to remove the query parameter from
URL that is passed as redirect from idp (mainly authcode and other parameter
that is returned post authentication by idp).
> Remove the query parameters from openid redirect url after successful login
> ---------------------------------------------------------------------------
>
> Key: GUACAMOLE-1966
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1966
> Project: Guacamole
> Issue Type: Wish
> Components: guacamole-auth-openid
> Affects Versions: 1.5.5
> Reporter: Mohammed Ishaque Ibrahim
> Priority: Major
> Fix For: 1.5.5
>
>
> I have made changes to openid module to support the PKCE flow for a project.
> While this works, the query parameter from URL that is passed as redirect
> from idp (mainly authcode and other parameter that is returned post
> authentication by idp) sticks around.
> With the queryparmeter intact if user logout from user menu and try to
> connect, the expired auth code and other parameters are passed to
> authenticateUser method. This complicate the logic for handling the code
> grant flow logic.
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
