Skip to content

OAuthResourceServerConfig: customUrlValidation not used when allowedUrls not set #593

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jhilscher opened this issue Aug 1, 2019 · 3 comments
Closed

OAuthResourceServerConfig: customUrlValidation not used when allowedUrls not set #593

jhilscher opened this issue Aug 1, 2019 · 3 comments
Labels
bug For tagging faulty or unexpected behavior. future-version Will be considered, but for a future version. pr-welcome We'd welcome a PR to solve the issue.

Comments

@jhilscher
Copy link

jhilscher commented Aug 1, 2019
edited
Loading

Describe the bug

OAuthModule.forRoot({
      resourceServer: {
        sendAccessToken: true,
        customUrlValidation: someValidationFn...
      },
})

1: The customUrlValidation function is not being called unless allowedUrls is definied.
2: When allowedUrls and customUrlValidation are definied, only customUrlValidation is used to verify the urls

To Reproduce
Use the resourceServerConfig from above.

Expected behavior
1: customUrlValidation should be used, even if allowedUrls is null/undefined.
2: if both customUrlValidation and allowedUrls are set, both should be used to validate the url.

Desktop (please complete the following information):

  • OS: all
  • Browser all
  • Version 8.0.2
@manfredsteyer
Copy link
Owner

Thanks for pointing this out.

So, the quick fix is to set allowedUrls to an empty array even if the customUrlValidation does not need it.

Next version: The proper fix is, to do it as described by you

@manfredsteyer manfredsteyer added future-version Will be considered, but for a future version. pr-welcome We'd welcome a PR to solve the issue. labels Aug 3, 2019
@jeroenheijmans jeroenheijmans added the bug For tagging faulty or unexpected behavior. label Aug 5, 2019
@adrianbenjuya
Copy link
Contributor

There is a PR #584

@manfredsteyer
Copy link
Owner

merged the PR. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug For tagging faulty or unexpected behavior. future-version Will be considered, but for a future version. pr-welcome We'd welcome a PR to solve the issue.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@manfredsteyer @jeroenheijmans @jhilscher @adrianbenjuya