From 3b0b5221a0c88ad733a3ffc769b5acada70c2afd Mon Sep 17 00:00:00 2001
From: Trevor Brown
Date: Thu, 11 Jul 2024 14:29:05 -0400
Subject: [PATCH] Don't send the same parameters in query string and JWT for redirect URL (#360)

---
 src/oidcc_authorization.erl | 3 ---
 test/oidcc_authorization_SUITE.erl | 3 ---
 test/oidcc_authorization_test.erl | 3 ---
 3 files changed, 9 deletions(-)

diff --git a/src/oidcc_authorization.erl b/src/oidcc_authorization.erl
index ffbafe9..bab2da0 100644
--- a/src/oidcc_authorization.erl
+++ b/src/oidcc_authorization.erl
@@ -448,9 +448,6 @@ essential_params(QueryParams) ->
 lists:filter(
 fun
 ({<<"scope">>, _Value}) -> true;
- ({<<"response_type">>, _Value}) -> true;
- ({<<"client_id">>, _Value}) -> true;
- ({<<"redirect_uri">>, _Value}) -> true;
 (_Other) -> false
 end,
 QueryParams
diff --git a/test/oidcc_authorization_SUITE.erl b/test/oidcc_authorization_SUITE.erl
index 18e77e8..2bcf919 100644
--- a/test/oidcc_authorization_SUITE.erl
+++ b/test/oidcc_authorization_SUITE.erl
@@ -44,9 +44,6 @@ create_redirect_url_inl_gov(_Config) ->
 
 ?assertMatch(
 #{
- <<"client_id">> := <<"client_id">>,
- <<"redirect_uri">> := <<"https://my.server/return">>,
- <<"response_type">> := <<"code">>,
 <<"scope">> := <<"openid">>,
 <<"request">> := _
 },
diff --git a/test/oidcc_authorization_test.erl b/test/oidcc_authorization_test.erl
index 9a68a3e..c1c8f81 100644
--- a/test/oidcc_authorization_test.erl
+++ b/test/oidcc_authorization_test.erl
@@ -211,9 +211,6 @@ create_redirect_url_with_request_object_test() ->
 
 ?assertMatch(
 #{
- <<"client_id">> := <<"client_id">>,
- <<"redirect_uri">> := <<"https://my.server/return">>,
- <<"response_type">> := <<"code">>,
 <<"scope">> := <<"openid">>,
 <<"should_be_in">> := <<"both">>,
 <<"request">> := _
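Review bot: The filter in `essential_params/1` (src/oidcc_authorization.erl) now drops `client_id` and `response_type` from the query string, but OpenID Connect Core §6.1 requires both in the OAuth 2.0 request syntax even when a Request Object is sent, and RFC 9101 §5 likewise requires `client_id` outside the JWT. An authorization server typically needs the outer `client_id` to select the key that verifies the request object, so stricter providers may reject the resulting redirect. I would keep `({<<"client_id">>, _Value}) -> true;` and `({<<"response_type">>, _Value}) -> true;` and remove only the `redirect_uri` clause, or else add a comment above the `fun` naming the provider behaviour that requires sending `scope` alone. The function head and the closing of the `lists:filter/2` call lie outside the hunk.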
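Review bot: The trimmed `?assertMatch` in `create_redirect_url_inl_gov` (test/oidcc_authorization_SUITE.erl) does not pin the new behaviour, because a map pattern only requires the listed keys to be present; the test would still pass if `client_id`, `redirect_uri` and `response_type` were sent in the query string again. The same holds for `create_redirect_url_with_request_object_test` in test/oidcc_authorization_test.erl. Assert absence on the decoded query map, e.g. `?assertNot(maps:is_key(<<"redirect_uri">>, QueryParams))`, where `QueryParams` stands for whatever term the test matches (it is bound outside the hunk). A complementary check that the same values appear in the decoded `request` JWT would show that they moved into the signed object rather than vanished.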