Allow token URL to be on a different host

Bug #1588210 reported by Alberto Mardegan
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
signon-plugin-oauth2 (Ubuntu)
Fix Released
High
Alberto Mardegan

Bug Description

Some OAuth 2.0 providers have the token endpoint used in the web-based authentication on a different host than the authorization endpoint (an example is mcloud by China Mobile).

The plugin must support this use case, possibly by allowing the TokenPath parameter to hold a full URL.

Alberto Mardegan (mardy)
Changed in signon-plugin-oauth2 (Ubuntu):
assignee: nobody → Alberto Mardegan (mardy)
importance: Undecided → High
status: New → In Progress
Revision history for this message
David Barth (dbarth) wrote : Re: [Bug 1588210] [NEW] Allow token URL to be on a different host

Beware of potential cross-origin resource issues.

On Thu, Jun 2, 2016 at 10:01 AM, Alberto Mardegan <
<email address hidden>> wrote:

> Public bug reported:
>
> Some OAuth 2.0 providers have the token endpoint used in the web-based
> authentication on a different host than the authorization endpoint (an
> example is mcloud by China Mobile).
>
> The plugin must support this use case, possibly by allowing the
> TokenPath parameter to hold a full URL.
>
> ** Affects: signon-plugin-oauth2 (Ubuntu)
> Importance: High
> Assignee: Alberto Mardegan (mardy)
> Status: In Progress
>
> ** Changed in: signon-plugin-oauth2 (Ubuntu)
> Assignee: (unassigned) => Alberto Mardegan (mardy)
>
> ** Changed in: signon-plugin-oauth2 (Ubuntu)
> Importance: Undecided => High
>
> ** Changed in: signon-plugin-oauth2 (Ubuntu)
> Status: New => In Progress
>
> --
> You received this bug notification because you are a member of WebApps,
> which is subscribed to signon-plugin-oauth2 in Ubuntu.
> https://bugs.launchpad.net/bugs/1588210
>
> Title:
> Allow token URL to be on a different host
>
> To manage notifications about this bug go to:
>
> https://bugs.launchpad.net/ubuntu/+source/signon-plugin-oauth2/+bug/1588210/+subscriptions
>

Revision history for this message
Alberto Mardegan (mardy) wrote :

Indeed, but in this case the URLs are not coming from the server, but are statically defined in the .provider file shipped by the account plugin.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package signon-plugin-oauth2 - 0.24+16.10.20160818-0ubuntu1

---------------
signon-plugin-oauth2 (0.24+16.10.20160818-0ubuntu1) yakkety; urgency=medium

  * New upstream release
    - OAuth2: allow token URL to be on a different host (LP: #1588210)
    - OAuth2: accept replies carrying text/html content type (LP: #1438393)
    - Enable CI on gitlab.com
  * debian/control, debian/rules:
    - Don't run tests in dbus-test-runner
    - Update link to project homepage

 -- Alberto Mardegan <email address hidden> Thu, 18 Aug 2016 07:22:39 +0000

Changed in signon-plugin-oauth2 (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.