[JOC-2102] OIDC Authorization Flow for OAuth version 2.0 - SOS JIRA

XML

Word

Printable

Details

Type: Fix
Status: Released (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 2.7.5, 2.8.0
Fix Version/s: 2.7.6, 2.8.1
Component/s: JOC Cockpit Web Service
Labels:
None

Description

Current Situation

Releases 2.7.5 and 2.8.0 do not consider changes to version 2 of the OAuth protocol when it comes to forwarding Client ID and Client Secret to the token exchange request. Both releases fall back to use of protocol version 1.

Desired Behavior

Current releases should consider support for version 2 of the OAuth protocol.

Patch

A patch is available on Unix/Windows:

for release 2.7.5
- https://download.sos-berlin.com/patches/2.7.5-patch/js7_joc.2.7.5-PATCH.API-3.JOC-2102.jar [ sha256 ] [ sig ] [ tsr ]
for release 2.8.0
- https://download.sos-berlin.com/patches/2.8.0-patch/js7_joc.2.8.0-PATCH.API-4.JOC-2102.jar [ sha256 ] [ sig ] [ tsr ]

Attachments

Issue Links

Wiki Page: Wiki Page Loading...

Activity

People

Assignee:: Oliver Haufe

Reporter:: Oliver Haufe

Approver:: Oliver Haufe

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 29 August 2025 16:58

Updated:: 18 September 2025 17:36

Resolved:: 01 September 2025 16:27