[jira] [Updated] (OLTU-182) Colons in client secrets are not supported

Jasha Joachimsthal (JIRA) Wed, 02 Mar 2016 05:29:21 -0800

     [ 
https://issues.apache.org/jira/browse/OLTU-182?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jasha Joachimsthal updated OLTU-182:
------------------------------------
    Component/s: oauth2-common

> Colons in client secrets are not supported
> ------------------------------------------
>
>                 Key: OLTU-182
>                 URL: https://issues.apache.org/jira/browse/OLTU-182
>             Project: Apache Oltu
>          Issue Type: Bug
>          Components: oauth2-common
>    Affects Versions: oauth2-1.0.0
>            Reporter: Adam Campbell
>            Assignee: Jasha Joachimsthal
>            Priority: Critical
>             Fix For: oauth2-1.0.2
>
>
> Let me know if I'm misunderstanding, but it seems like the basic auth spec 
> allows colons in the password: https://tools.ietf.org/html/rfc2617#section-2
> OAuthUtils.decodeClientAuthentication just splits on a colon, thus failing if 
> colons are used in the password.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (OLTU-182) Colons in client secrets are not supported

Reply via email to