pzampino commented on code in PR #1074:
URL: https://github.com/apache/knox/pull/1074#discussion_r2267881974
##########
gateway-server/src/main/java/org/apache/knox/gateway/UrlEncodedFormRequest.java:
##########
@@ -77,6 +78,9 @@ private MultiMap<String> parseQueryString(String queryString)
{
@Override
public String getParameter(String name) {
+ if(JWTFederationFilter.GRANT_TYPE.equals(name) ||
JWTFederationFilter.CLIENT_ID.equals(name) ||
JWTFederationFilter.CLIENT_SECRET.equals(name)) {
+ return super.getParameter(name);
+ }
return queryParams.getValue(name, 0);
Review Comment:
For proxying cases, that makes sense, but when Knox itself is the terminus,
and the API includes form data, we end up with this unusual situation. It seems
like perhaps we should only be using UrlEncodedFormRequest when the content
type is "x-www-form-urlencoded" AND Knox is proxying. When Knox is providing
the API itself, this restriction is not necessary and this extension need not
be applied. The trick is discerning proxying requests from "Knox-native" API
requests.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@knox.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
