OAuth2AuthorizationCodeGrantFilter should also match on query parameters #7963
Labels
in: oauth2
An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
status: backported
An issue that has been backported to maintenance branches
type: bug
A general bug
Milestone
The current implementation of
OAuth2AuthorizationCodeGrantFilter
does not match on the query parameters that may be contained in the registeredredirect_uri
.As per spec, in section 3.1.2 Redirection Endpoint:
We should apply this fix to ensure the
OAuth2AuthorizationCodeGrantFilter
also matches on the query parameters.The text was updated successfully, but these errors were encountered: