Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-8117

OAuth2 with 2 or more scopes goes to profile instead of consent page

    Details

    • Support Ticket IDs:

      Description

      Steps to reproduce:

      • Configure OAuth2 for a realm (root or sub), with supported scopes test and test2
      • Configure an OAuth2 agent, myagent with both scopes, and redirect URL of http://google.com
      • Go to [amUrl]/oauth2/authorize?nonce=1234&scope=test&response_type=code&client_id=myagent&redirect_uri=http%3A%2F%2Fgoogle.com
      • Log in
      • See consent page as expected
      • Go to [amUrl], and logout
      • Go to [amUrl]/oauth2/authorize?nonce=1234&scope=test%20test2&response_type=code&client_id=myagent&redirect_uri=http%3A%2F%2Fgoogle.com
      • Log in

      Expected

      • Consent page

      Actual

      • Profile page

        Attachments

          Activity

            People

            • Assignee:
              joe.bandenburg Joe Bandenburg [X] (Inactive)
              Reporter:
              jamesphillpotts James Phillpotts
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: