Skip to content

api: redirect anonymous /oauth2/authorize to /login (Spring SAS 7)#183

Merged
ExtraToast merged 1 commit into
mainfrom
platform/oidc-anonymous-authorize-redirect
May 10, 2026
Merged

api: redirect anonymous /oauth2/authorize to /login (Spring SAS 7)#183
ExtraToast merged 1 commit into
mainfrom
platform/oidc-anonymous-authorize-redirect

Conversation

@ExtraToast

Copy link
Copy Markdown
Contributor

Spring SAS 7's authorize provider turns an anonymous principal into a 302 to redirect_uri with ?error=invalid_request&error_description=OAuth 2.0 Parameter: principal. Vault's popup sees no code and shows "callback did not supply all of the required parameters".

Pre-empt that with a filter on /oauth2/authorize that 302s anonymous requests to /login?redirect=... instead, mirroring the SAS 1.x behaviour the SPA's off-SPA redirect was built around.

@ExtraToast ExtraToast added the bug Something isn't working label May 10, 2026
@ExtraToast ExtraToast self-assigned this May 10, 2026
@ExtraToast ExtraToast added the bug Something isn't working label May 10, 2026
@ExtraToast ExtraToast merged commit 8b2ee60 into main May 10, 2026
14 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bug Something isn't working

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant