With OpenId a hybrid flow response type gives an illegalargument exception

Description

The response type should be able to contain multiple values
http://openid.net/specs/openid-connect-core-1_0.html#Authentication

"response_type" value

Flow

code

Authorization Code Flow

id_token

Implicit Flow

id_token token

Implicit Flow

code id_token

Hybrid Flow

code token

Hybrid Flow

code id_token token

Hybrid Flow

However, this fails:

Activity

Show:
Jan Willem Janssen
December 1, 2017, 10:43 AM

Solved by the fix for AMDATUSEC-41, see #273ffee.

Koos Gadellaa
July 19, 2017, 9:03 AM
Edited

will probably fix this, to encode the spaces properly.
Take note that this fix is in the scribejava OpenIdConnectApi.java

Koos Gadellaa
July 14, 2017, 10:20 AM

The space is causing the exception, the problem is that the code doesn't handle a valid value which contains spaces :-/

I'll try and work around it (or maybe fix it in the branch with response_method and nonce support)

Jan Willem Janssen
July 13, 2017, 2:53 PM
Edited

response_type=code id_token <- the space is causing your problem. Can you try if it works if you escape the space with %20 or + ?

Fixed

Assignee

Unassigned

Reporter

Koos Gadellaa