Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-128580

'Alert text : 403 - Unauthorized!' when click Launch Request with OAuth2

    Details

    • Story Points:
      5
    • Fix Priority:
      3
    • Sprint:
      AppSec Iteration 57

      Description

      Steps to reproduce:
      1. Start up a clean bundle.
      2. Add a new OAuth2 application
      callback url:http://martamedio.com/oauth2-tester/?url=http://localhost:8080&client_id=abc123
      client Id: abc123
      client Secret: abc123
      Scopes: Check Portal Services>everything.read.userprofile
      3. Open http://martamedio.com/oauth2-tester/
      4. Type client Id and click Authorize My Application
      5. Click Authorize
      6. Type client secret and click Obtain OAuth2 Access
      7. Click Launch Request

      Except result: Return the current user info.
      Actual result: 'Alert text : 403 - Unauthorized!' shows up. Close the pop-up window and click Launch Request again. The user info is returned.

        Attachments

          Activity

            People

            Assignee:
            joyce.wang Joyce Wang
            Reporter:
            joyce.wang Joyce Wang
            Participants of an Issue:
            Recent user:
            Rafaela Nascimento
            Engineering Assignee:
            Marta Medio
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Days since last comment:
              9 weeks, 5 days ago

                Packages

                Version Package
                7.4.0 CE GA1
                Master