[MGNLSSO-64] SSO Module appends ?client_name=OidcClient to callbackURL, preventing integration with Azure B2C Created: 30/Jun/21  Updated: 06/Jul/21  Resolved: 05/Jul/21

Status: Closed
Project: Single Sign On
Component/s: sso-connector
Affects Version/s: 1.1.1
Fix Version/s: None

Type: Bug Priority: High
Reporter: Lee Salter Assignee: Unassigned
Resolution: Duplicate Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Azure Linux VM (debian 10, Tomcat 9), Magnolia DX Core 6.2.9


Issue Links:
Relates
relates to MGNLSSO-59 Make OidcClient the default client Closed
Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[X]* Steps to reproduce, expected, and actual results filled
[X]* Affected version filled
Date of First Response:

 Description   

Steps to reproduce

  1.  Create and configure an Azure AD B2C tenant
  2.  Configure a Magnolia deployment as per  https://docs.magnolia-cms.com/product-docs/6.2/Modules/List-of-modules/SSO-module.html to connect to the B2C tenant
  3. Attempt to access Magnolia

Expected results

Redirects to Azure AD B2C login page

Actual results

Azure AD B2C reports that the redirect URI supplied in the request does not match any allowed for the client.  Azure AD B2C also does not allow Querystrings to be added to the allowed redirect URIs

Workaround

Rewrite rule applied in Azure App Gateway to remove the problematic Querystring value

Development notes



 Comments   
Comment by Mercedes Iruela [ 05/Jul/21 ]

Hello Lee, 

This issue was already reported and will be available within SSO Module version 2.0.

So that, I am closing this ticket as duplicated.

Thanks for sharing!

Best regards,
Mercedes

Generated at Mon Feb 12 10:50:46 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.