fedlab
Double URL encoded parameter in test: Request with redirect_uri with query component
In the authorization request, the parameter redirect_uri has been URL encoded two times:
Original Value https%253A%2F%2Fopenidtest.uninett.no%2Fauthz_cb%253Ffox%253Dbat
1st URL Decode https%3A//openidtest.uninett.no/authz_cb%3Ffox%3Dbat
2nd URL Decode https://openidtest.uninett.no/authz_cb?fox=bat
Here is my complete debug output:
0.002612 EXPORT
0.016228 Started key provider
1.018564 ======================================================================
1.018781 <-- FUNCTION: discover
1.018910 <-- ARGS: {'features': {u'key_export': True, u'registration': True, u'session_management': True, u'discovery': True}, 'location': '', 'trace': <oictest.base.Trace object at 0x1fe0b90>, 'issuer': u'https://seed.gluu.org'}
2.251798 {u'https://seed.gluu.org': {'ver': {'rsa': [<M2Crypto.RSA.RSA_pub instance at 0x2063c20>, <M2Crypto.RSA.RSA_pub instance at 0x2063c68>, <M2Crypto.RSA.RSA_pub instance at 0x2063cb0>]}, 'dec': {}, 'enc': {}, 'sig': {}}, '.': {'ver': {'rsa': [<M2Crypto.RSA.RSA_pub instance at 0x2054758>]}, 'dec': {}, 'enc': {}, 'sig': {'rsa': [<M2Crypto.RSA.RSA_pub instance at 0x2054758>]}}}
2.252293 ======================================================================
2.252998 --> URL: https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/register
2.253008 --> BODY: client_id=&redirect_uris=https%3A%2F%2Fopenidtest.uninett.no%2Fauthz_cb&type=client_associate&jwk_url=http%3A%2F%2Fopenidtest.uninett.no%3A8090%2Fexport%2Fjwk.json&x509_url=http%3A%2F%2Fopenidtest.uninett.no%3A8090%2Fexport%2Fcert.pem
2.253018 --> HEADERS: {'content-type': 'application/x-www-form-urlencoded'}
3.075780 <-- RESPONSE: <Response [200]>
3.093311 <-- CONTENT: {"client_id":"@!1111!0008!E943.3D85","client_secret":"339584c6-103e-48e8-ac04-d132060583cd","expires_at":1349280212}
3.093339 <-- COOKIES: {'JSESSIONID': '773CDAA535EE6940A8C09BD7942A44D4'}
3.096136 [RegistrationResponseCARS]: {'client_secret': u'339584c6-103e-48e8-ac04-d132060583cd', 'expires_at': 1349280212, 'client_id': u'@!1111!0008!E943.3D85'}
3.096236 ======================================================================
3.097052 --> URL: https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/authorize?nonce=Mn4FCaqydhFQ&state=STATE0&redirect_uri=https%253A%2F%2Fopenidtest.uninett.no%2Fauthz_cb%253Ffox%253Dbat&response_type=code&client_id=%40%211111%210008%21E943.3D85&scope=openid
3.097063 --> BODY: None
3.782785 <-- RESPONSE: <Response [400]>
3.783056 <-- CONTENT: {"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"STATE0"}
3.783073 <-- COOKIES: {'JSESSIONID': '6952691AE7755A97D3586A63C4168D73'}
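The decode chain in the report can be checked mechanically. The following is an added example, not part of the original report or of the fedlab/oictest code: it pulls the raw `redirect_uri` out of the logged authorization URL, decodes it stage by stage, and shows what a server receives after the single decode that query parsing performs. The helper names are hypothetical, and `encode_twice` is an assumption about the cause (a `quote()` pass before `urlencode()`), chosen because it reproduces the logged value exactly.

```python
from urllib.parse import parse_qs, quote, unquote, urlencode, urlsplit

# Values taken from the debug output in the report.
INTENDED = "https://openidtest.uninett.no/authz_cb?fox=bat"
OBSERVED_REQUEST = (
    "https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/authorize"
    "?nonce=Mn4FCaqydhFQ&state=STATE0"
    "&redirect_uri=https%253A%2F%2Fopenidtest.uninett.no%2Fauthz_cb%253Ffox%253Dbat"
    "&response_type=code&client_id=%40%211111%210008%21E943.3D85&scope=openid"
)


def raw_param(url, name):
    """Return the still-encoded value of a query parameter, or None."""
    for pair in urlsplit(url).query.split("&"):
        key, _, value = pair.partition("=")
        if key == name:
            return value
    return None


def decode_stages(value, limit=5):
    """Percent-decode repeatedly until the value stops changing."""
    stages = [value]
    while len(stages) <= limit:
        decoded = unquote(stages[-1])
        if decoded == stages[-1]:
            break
        stages.append(decoded)
    return stages


def received_redirect_uri(url):
    """Value a server sees after the one decode that query parsing performs."""
    return parse_qs(urlsplit(url).query)["redirect_uri"][0]


def encode_once(uri):
    """Correct form: the parameter value is percent-encoded exactly once."""
    return urlencode({"redirect_uri": uri})


def encode_twice(uri):
    """Assumed cause (not confirmed by the report): quote(), which leaves '/'
    untouched, applied to the value before urlencode() encodes it again."""
    return urlencode({"redirect_uri": quote(uri)})
```

Three entries from `decode_stages` mean the value was encoded twice, unless the query component of the redirect URI legitimately carries percent-encoded data of its own, so compare the stages against the intended URI rather than relying on the count alone.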