Comments (3)
We have a user in our application experiencing this same issue. So far as I can tell it's only the single user.
We're using an internal provider.
Using 2.7 version of the gem.
from ruby-openid.
As a follow up to my previous comment, here is the result of some investigation from one of our teams:
"For those curious, the issue arises due to non-standard handling of the x-www-form-urlencoded media type in both Apache Tomcat (our webserver) and the Apache HTTP client library used by openid4java (the typical Java client library for OpenID 2). This media type does not permit any parameters, but the client library is adding one anyway, sending "application/x-www-form-urlencoded; charset=UTF-8". Our web server also follows non-standard behavior by accepting and using the character encoding specified in that header, leading to Java applications functioning correctly. In contrast, the Ruby OpenID gem is sending the raw (spec-complaint) header value of "x-www-form-urlencoded", which exposes the poor behavior of our server."
I was struggling to figure out why some of our Ruby applications were exhibiting this issue with specific users but those same users could log into other applications. Hopefully this helps others that run into the same problem.
In our case the team that did the investigation is going to fix it on the server side, but if that isn't an option for others (maybe you don't have any access or control over the provider) then you might be able to add the non-standard headers to mimic the Java client behavior.
from ruby-openid.
This repo is being archived. Closing issue.
from ruby-openid.
Related Issues (20)
- NameError - uninitialized constant OpenID::Server::Server::DefaultNegotiator HOT 1
- lacking debug information HOT 1
- OpenID.fetch does not handle relative path redirects HOT 3
- Printing error messages HOT 2
- Question concerning CVE-2019-11027 HOT 36
- Maybe check signatures first? HOT 1
- Unable to complete OpenID login with ruby-openid 2.9.0/2.9.1 HOT 8
- Trying to find a simple walk through on adding OIDC to a ruby application HOT 2
- missing charset for StandardFetcher#fetch HOT 1
- Certification Status HOT 1
- Passwords HOT 1
- Digest::HMAC is deprecated in ruby 2.2 HOT 3
- Please tag release on github HOT 1
- Please fix security vulnerability according to my emails HOT 2
- add encrypted cookie store HOT 2
- rescue Exception HOT 2
- OpenID::OAuth::Response.from_success_response when NS_URI is missing HOT 3
- Verify SSL certificates by default HOT 1
- Using memcache storage with Dalli HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ruby-openid.