No way to pass a 'state' parameter
Bug #1432857 reported by
Chris Wayne
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
webapps-sprint |
Fix Released
|
Undecided
|
Unassigned | ||
signon-plugin-oauth2 (Ubuntu) |
Fix Released
|
High
|
Alberto Mardegan |
Bug Description
Some API's (specifically Linkedin) require that "State" be passed, but there is currently no way to do that
Changed in signon-plugin-oauth2 (Ubuntu): | |
assignee: | nobody → Alberto Mardegan (mardy) |
Changed in signon-plugin-oauth2 (Ubuntu): | |
importance: | Undecided → High |
status: | New → Triaged |
Changed in webapps-sprint: | |
milestone: | none → sprint-8 |
Changed in signon-plugin-oauth2 (Ubuntu): | |
status: | Triaged → In Progress |
Changed in signon-plugin-oauth2 (Ubuntu): | |
status: | In Progress → Fix Committed |
Changed in webapps-sprint: | |
status: | New → Fix Committed |
Changed in webapps-sprint: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
This bug was fixed in the package signon- plugin- oauth2 - 0.22+15. 04.20150417- 0ubuntu1
--------------- plugin- oauth2 (0.22+15. 04.20150417- 0ubuntu1) vivid; urgency=medium
signon-
[ Alberto Mardegan ]
* New upstream release
- Return the list of granted permissions to the client
- Require Qt5 for building
- Use a "state" parameter to protect against CSRF (LP: #1432857)
[ CI Train Bot ]
* New rebuild forced.
-- CI Train Bot <email address hidden> Fri, 17 Apr 2015 14:56:51 +0000