Skip to content

Claim headers not url-encoded #77

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
maltesmann opened this issue May 12, 2025 · 1 comment
Open

Claim headers not url-encoded #77

maltesmann opened this issue May 12, 2025 · 1 comment

Comments

@maltesmann
Copy link

The generated claim-headers don't seem to be url-encoded. For example if there is someone with the name 'Cem Özdemir', the resulting name-claim-header will simply be OAUTH2_CLAIM_name: Cem Özdemir. But Section 3.1 of the ARPA Internet Text Messages spec states that headers are always in US-ASCII encoding and anything outside of that needs to be encoded. This leads to errors i.e. when forwarding this header to a spring boot application with strict firewall activated.

Is there any way to turn on url-encoding for those headers? My current workaround is to just turn them off via OAuth2TargetPass headers=Off.
@zandbelt
Copy link
Member

agree, it was covered for mod_auth_openidc in OpenIDC/mod_auth_openidc@28e79bf

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@zandbelt @maltesmann