Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Oauth server not handling state when requesting a token directly #1342

Closed
jwforres opened this issue Mar 17, 2015 · 3 comments · Fixed by #2288
Closed

Oauth server not handling state when requesting a token directly #1342

jwforres opened this issue Mar 17, 2015 · 3 comments · Fixed by #2288
Assignees
@liggitt
Labels
component/web kind/bug Categorizes issue or PR as related to a bug. priority/P2

Comments

@jwforres
Copy link
Member

This results in the web console not returning to the page you were previously on before being redirected to login.
@jwforres jwforres added the kind/bug Categorizes issue or PR as related to a bug. label Mar 17, 2015
@liggitt
Copy link
Contributor

liggitt commented May 16, 2015

The osin library is not including state in the hash for the implicit flow

@liggitt
Copy link
Contributor

liggitt commented May 16, 2015

Fixed in https://github.com/RangelReale/osin/pull/32
Will look into updating osin or cherry-picking if the delta is too big

@liggitt
Copy link
Contributor

liggitt commented May 16, 2015

Diff between where we are and master isn't that big: RangelReale/osin@1f4e975...eff0d43

Most of the changes are changes to examples or a refactor of token expiration checking

@liggitt liggitt mentioned this issue May 16, 2015
Merged
3 tasks
jboyd01 pushed a commit to jboyd01/origin that referenced this issue Oct 10, 2017
Squashed 'cmd/service-catalog/go/src/github.com/kubernetes-incubator/…
9d261e0 
…service-catalog/' changes from 7011d9e816..a385bb3f67

a385bb3f67 carry: Set external plan name for service-catalog walkthrough
3ec9e5b07a origin build: add origin tooling
8bb631f v0.1.0-rc1 chart updates (openshift#1359)
400e37f Move API to v1beta1 (openshift#1356)
8f55a99 0.0.24 chart updates (openshift#1357)
7ebb8ae Rename Service[Broker|Class|Plan]Status => ClusterService... (openshift#1349)
82a6103 Detect removed catalog entries (openshift#1353)
85125fd Refactor instance spec (openshift#1350)
99c0644 Update to Kubernetes 1.8 (openshift#1334)
a537490 Reformatting printed messages for controller_instance (openshift#1341)
0763ac0 Use field selector for broker delete (openshift#1348)
93fb0e5 remaining renames from ServiceInstanceCredential to ServiceBinding (openshift#1347)
cfdb2ed add text about how updating secrets/params require a 'poke' (openshift#1337)
1d04776 Change PresentInCatalog -> MissingFromBrokerCatalog (openshift#1342)
c95309c Update Service[Broker|Class|Plan] to ClusterService[Broker|Class|Plan] (openshift#1345)
9365039 Fix controller binding queue name, update documents (openshift#1344)
6375eb3 Do not set Ready/False condition in API Server when updating an instance. (openshift#1335)
108f05d Merge branch 'pr/1340'
bd0cb7b gofmt
e0ce4b5 Jenkins modifications
9341cbf unit and integration tests pass
076bfb2 Disambiguate k8s and external names in log messages for broker (openshift#1336)
c59e1e5 types.go changes for review
4ceaaab Rename resources from Service[Class|Plan]  to ClusterService[Class|Plan] (openshift#1327)
556c7d8 Add status.presentInCatalog field to service/plan (openshift#1328)
a6ad96a openshift#1148: Support updates to Instances (openshift#1289)
e36d286 fix RBAC resource names for ClusterServiceBroker (openshift#1330)
78d09ae add timeout (openshift#1326)
92ac8b5 Address comments raised after 1305 was merged (openshift#1321)
aca7543 Rename ServiceBroker to ClusterServiceBroker (openshift#1319)
a2b6ac0 Implementation for binding orphan mitigation (openshift#1241)
bffe4de Chart updates for 0.0.23 release (openshift#1325)
REVERT: 7011d9e816 origin build: add origin tooling

git-subtree-dir: cmd/service-catalog/go/src/github.com/kubernetes-incubator/service-catalog
git-subtree-split: a385bb3f67480a3c49b65b16c1d631b4d5fb5988
jboyd01 pushed a commit to jboyd01/origin that referenced this issue Oct 10, 2017
Squashed 'cmd/service-catalog/go/src/github.com/kubernetes-incubator/…
46dccda 
…service-catalog/' changes from 7011d9e816..3aacfedec6

3aacfedec6 carry: Set external plan name for service-catalog walkthrough
3ec9e5b07a origin build: add origin tooling
8bb631f v0.1.0-rc1 chart updates (openshift#1359)
400e37f Move API to v1beta1 (openshift#1356)
8f55a99 0.0.24 chart updates (openshift#1357)
7ebb8ae Rename Service[Broker|Class|Plan]Status => ClusterService... (openshift#1349)
82a6103 Detect removed catalog entries (openshift#1353)
85125fd Refactor instance spec (openshift#1350)
99c0644 Update to Kubernetes 1.8 (openshift#1334)
a537490 Reformatting printed messages for controller_instance (openshift#1341)
0763ac0 Use field selector for broker delete (openshift#1348)
93fb0e5 remaining renames from ServiceInstanceCredential to ServiceBinding (openshift#1347)
cfdb2ed add text about how updating secrets/params require a 'poke' (openshift#1337)
1d04776 Change PresentInCatalog -> MissingFromBrokerCatalog (openshift#1342)
c95309c Update Service[Broker|Class|Plan] to ClusterService[Broker|Class|Plan] (openshift#1345)
9365039 Fix controller binding queue name, update documents (openshift#1344)
6375eb3 Do not set Ready/False condition in API Server when updating an instance. (openshift#1335)
108f05d Merge branch 'pr/1340'
bd0cb7b gofmt
e0ce4b5 Jenkins modifications
9341cbf unit and integration tests pass
076bfb2 Disambiguate k8s and external names in log messages for broker (openshift#1336)
c59e1e5 types.go changes for review
4ceaaab Rename resources from Service[Class|Plan]  to ClusterService[Class|Plan] (openshift#1327)
556c7d8 Add status.presentInCatalog field to service/plan (openshift#1328)
a6ad96a openshift#1148: Support updates to Instances (openshift#1289)
e36d286 fix RBAC resource names for ClusterServiceBroker (openshift#1330)
78d09ae add timeout (openshift#1326)
92ac8b5 Address comments raised after 1305 was merged (openshift#1321)
aca7543 Rename ServiceBroker to ClusterServiceBroker (openshift#1319)
a2b6ac0 Implementation for binding orphan mitigation (openshift#1241)
bffe4de Chart updates for 0.0.23 release (openshift#1325)
REVERT: 7011d9e816 origin build: add origin tooling

git-subtree-dir: cmd/service-catalog/go/src/github.com/kubernetes-incubator/service-catalog
git-subtree-split: 3aacfedec6f8d3d07a5b922e0fcd4a9b28a0e5d2
jpeeler pushed a commit to jpeeler/origin that referenced this issue Feb 1, 2018
@pmorie @nilebox
Change PresentInCatalog -> MissingFromBrokerCatalog (openshift#1342)
1d04776
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@liggitt liggitt

Labels
component/web kind/bug Categorizes issue or PR as related to a bug. priority/P2
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Upgrade osin, increase entropy in tokens
3 participants
@danmcp @liggitt @jwforres