Doorkeeper: `redirect_uri` no longer valid since v4.3.0

Created on 26 Mar 2018  路  5Comments  路  Source: doorkeeper-gem/doorkeeper

Steps to reproduce

I have an OAuth app. It redirects users to a doorkeeper endpoint to get authorized. It passes the following redirect_uri as a parameter:

http://localhost:8081/authorized?referrer=%2F

The referrer is the path on the app the user should be referred to after the authorization flow is done. It can be any path on the site, but in this example its the root.

The OAuth app has the following callback url configured: http://localhost:8081/authorized.

Expected behavior

The user gets redirected back to the app. The app can then get an access token from doorkeeper.

Actual behavior

In v4.2.6 this is working as expected.

From v4.3.0 things break. After the user logs in on the app running doorkeeper, they are correctly redirected back to the app. When the app than makes an API call to get a token however I get an error:

The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.

I checked the authorization grant and I can find it in the database. Nothing seems wrong with it, so I assume the redirection URI is the problem.

Analysis

I imagine this is probably related to #974. Is there something I can do to fix this use case for v4.3.0 and above?

Thanks for reading!

bug?

All 5 comments

Hi @jwoudenberg. Try to use master branch because we have some fixes for redirect_uri. If the problem still exists - we will look into it

master works for me! Thanks @nbulaj, I'll just stay on v4.2.6 until v4.3.2 comes round!

You can now try 4.3.2 release

Thank you, works perfectly!

Thank you, works perfectly!

Thanks, good to know!

Was this page helpful?
0 / 5 - 0 ratings

Related issues

f3ndot picture f3ndot  路  3Comments

yongwoon picture yongwoon  路  3Comments

ulitiy picture ulitiy  路  5Comments

amngibson picture amngibson  路  5Comments

eebasadre picture eebasadre  路  4Comments