[
https://issues.apache.org/jira/browse/GUACAMOLE-1966?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nick Couchman updated GUACAMOLE-1966:
-------------------------------------
Priority: Minor (was: Major)
> Remove the query parameters from openid redirect url after successful login
> ---------------------------------------------------------------------------
>
> Key: GUACAMOLE-1966
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1966
> Project: Guacamole
> Issue Type: Wish
> Components: guacamole-auth-openid
> Affects Versions: 1.5.5
> Reporter: Mohammed Ishaque Ibrahim
> Priority: Minor
>
> I have made changes to openid module to support the PKCE flow for a project.
> While this works, the query parameter from URL that is passed as redirect
> from idp (mainly authcode and other parameter that is returned post
> authentication by idp) sticks around.
> With the queryparmeter intact if user logout from user menu and try to
> connect, the expired auth code and other parameters are passed to
> authenticateUser method. This complicate the logic for handling the code
> grant flow logic.
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
