fusionauth-issues [Bug]: Incorrect redirect uri query parameters for oauth error redirects when the redirect uri has a query parameter configured

[Bug]: Incorrect redirect uri query parameters for oauth error redirects when the redirect uri has a query parameter configured

Open lyleschemmerling opened this issue 8 months ago • 0 comments

What happened?

Given a uri in the application allowed redirect URIs with a query parameter like

https://example.com/callback.php?data=info

When a user follows an oauth flow that ends up producing an OAuth error after which they are redirected to the callback,

Then the query parameters on the callback uri are malformed. Specifically the oauth error query parameters, i.e. error=invalid_request&error_reason=invalid_origin&error_description=Invalid+origin+uri+https%3A%2Faccounts.google.com will be appended to the redirect uri without the delimiting &.

https://example.com/callback.php?data=infoerror=invalid_request&error_reason=invalid_origin&error_description=Invalid+origin+uri+https%3A%2FFaccounts.google.com

Version

1.51.0

Affects Versions

>= 1.5.0

May 31 '24 20:05 lyleschemmerling

fusionauth-issues fusionauth-issues copied to clipboard

[Bug]: Incorrect redirect uri query parameters for oauth error redirects when the redirect uri has a query parameter configured

What happened?

Version

Affects Versions

fusionauth-issues
fusionauth-issues copied to clipboard