Affects Version/s: Master, 1.1-marketplace_7.1.0
Fix Version/s: Master
This ticket is to improve the developer experience when needing to access the portal by a different IP than those listed in portal.properties by default:
For example, when running an Android simulator in a VM, you can't access the host machine where the portal is running through localhost.
The OAuth 2 authorization flow relies on several redirects back to the portal itself to complete successfully. The default configuration would seem to be fine for that because of SERVER_IP, but it is not.
From a portal admin perspective it is not intuitive that they need to whitelist all of the portal's own IPs for the product to work.
To improve this, relative redirection URLs should be used whenever possible.
Steps to reproduce:
- Create/modify portal-ext.properties, with the following to remove any ambiguity about how SERVER_IP might resolve
- Start the portal
- Create an OAuth2 Application. Enter http://localhost:8080 for callback URI, and select the "Web application" client profile. Ensure "Authorization Code" authorization type is checked. Save. Change Client ID to "myApplication" and Client Secret to "mySecret". Save. Finally assign the application any of the available scopes.
- Find or assign an alternative to the portal server host. The easiest way to achieve this is to use the LAN assigned IP of the server.
- Assuming the IP is 192.168.0.1, go to http://192.168.0.1:8080/o/oauth2/authorize?client_id=myApplication&client_secret=mySecret&redirect_uri=http%3A%2F%2Flocalhost%3A8080&response_type=code&scope=
- You will be prompted to log in; log in with email@example.com
Expected result: You are asked to authorize the application's access, and the IP shown in the address bar remains 192.168.0.1
Actual result: You are redirected to http://192.168.1.195:8080/web/guest/home
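
The behaviour described in this ticket, as an added example that is not part of the original ticket or of the portal's code: a redirect check that falls back to the home page when an absolute URL's host is not allowlisted, and that accepts a relative path regardless of which IP the browser used. The class, the method names and the `ALLOWED_HOSTS` contents are assumptions made for illustration.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Set;

// Added illustration; all names here are hypothetical, not the portal's API.
public class RedirectCheck {

    // Constructed stand-in for a default allowlist that covers only loopback.
    static final Set<String> ALLOWED_HOSTS = Set.of("127.0.0.1", "localhost");

    // Same-origin relative path: exactly one leading "/", and no backslash or
    // control characters that a browser could normalise into "//host".
    static boolean isSafeRelative(String target) {
        if (target == null || !target.startsWith("/") || target.startsWith("//")) {
            return false;
        }
        return target.chars().noneMatch(c -> c == '\\' || c < 0x20 || c == 0x7f);
    }

    // Returns the target if acceptable, otherwise the fallback page.
    static String resolveRedirect(String target, String fallback) {
        if (isSafeRelative(target)) {
            return target; // stays on whatever host the browser already used
        }
        try {
            String host = new URI(target).getHost();
            if (host != null && ALLOWED_HOSTS.contains(host.toLowerCase(Locale.ROOT))) {
                return target;
            }
        } catch (URISyntaxException | NullPointerException e) {
            // unparsable or missing target: use the fallback below
        }
        return fallback;
    }

    public static void main(String[] args) {
        String fallback = "/web/guest/home";
        String[] samples = { // constructed inputs
            "http://192.168.0.1:8080/o/oauth2/authorize?client_id=myApplication",
            "/o/oauth2/authorize?client_id=myApplication",
            "//other-site.example/o/oauth2/authorize",
            "/\\other-site.example/",
        };
        for (String s : samples) {
            System.out.println(s + " -> " + resolveRedirect(s, fallback));
        }
    }
}
```

Only the second sample is returned unchanged; the absolute LAN-IP URL and the two scheme-relative look-alikes all resolve to the fallback, which is why a relative-redirect check still has to reject `//` and backslash forms.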