Details

    • Type: Story
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: Master, 1.0-portal_7.1.0
    • Fix Version/s: 1.0-portal_7.1.0
    • Component/s: None
    • Labels:

Description

Analyze the security considerations section of every implemented RFC.

There is a doubt about Implicit Grant security:

• There are also some doubts about Authorization Code Grant security:
  • https://dhavalkapil.com/blogs/Attacking-the-OAuth-Protocol/
    • Attacking the ‘Connect’ request (“Login with”)
      • The OAuth 2.0 provider can only prevent this by preventing CSRF on the logout and login URLs.
      • The client is better placed to protect itself via a CSRF token (i.e. the “state” parameter) on the authorization request and the authorization code exchange request.
    • CSRF on the authorization response (enabler of the above)
      • The OAuth 2.0 spec does not mandate use of the “state” parameter.
    • Attacking ‘redirect_uri’
      • If wildcards are allowed in the registered redirect_uri (maybe only the domain is required) and an XSS exists on some page whose URL matches the wildcard, an attacker can leak authorization codes or access tokens from there.
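As an added worked example (not code from this ticket or from the portal project), the following client-side and server-side checks correspond to the bullets above: a session-bound, single-use “state” that the client verifies before exchanging the code, and a strict redirect_uri comparison beside the domain-wildcard matching the ticket warns about. The in-memory store, the session ids, the endpoint URLs and the client id are all assumptions constructed for the example.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit


def query_param(url, name):
    """Return the first value of a query parameter, or None if absent."""
    return parse_qs(urlsplit(url).query).get(name, [None])[0]


class PendingStateStore:
    """Remembers the 'state' issued for each browser session while an
    authorization request is in flight. Plain dict here (constructed for
    the example); a real client keeps this in its session storage."""

    def __init__(self):
        self._pending = {}  # session_id -> state

    def issue(self, session_id):
        state = secrets.token_urlsafe(32)  # unguessable, fresh per request
        self._pending[session_id] = state
        return state

    def consume(self, session_id):
        # Single use: removed on the first callback, so a replayed or
        # reused authorization response never matches again.
        return self._pending.pop(session_id, None)


def build_authorization_url(store, session_id, authorize_endpoint,
                            client_id, redirect_uri):
    """Authorization request carrying a state bound to the caller's session."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": store.issue(session_id),
    }
    return f"{authorize_endpoint}?{urlencode(params)}"


def extract_code_from_callback(store, session_id, callback_url):
    """Check the state before the code is exchanged. Returns the code, or
    raises ValueError if the response was not issued for this session."""
    expected = store.consume(session_id)
    received = query_param(callback_url, "state")
    if expected is None or received is None:
        raise ValueError("no pending state for this session")
    if not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError("state mismatch: response belongs to another session")
    code = query_param(callback_url, "code")
    if not code:
        raise ValueError("authorization response carries no code")
    return code


def callback_is_accepted(store, session_id, callback_url):
    """True if the client would proceed to the token exchange."""
    try:
        extract_code_from_callback(store, session_id, callback_url)
        return True
    except ValueError:
        return False


def redirect_uri_allowed_exact(registered_uris, candidate):
    """Strict policy: the candidate must equal a registered URI exactly."""
    return candidate in registered_uris


def redirect_uri_allowed_wildcard(registered_patterns, candidate):
    """Domain-wildcard policy the ticket warns about: '*.example.com'
    accepts any https URL on any subdomain, whatever its path."""
    parts = urlsplit(candidate)
    host = parts.hostname or ""
    if parts.scheme != "https":
        return False
    for pattern in registered_patterns:
        if pattern.startswith("*.") and host.endswith(pattern[1:]):
            return True
        if host == pattern:
            return True
    return False


if __name__ == "__main__":
    store = PendingStateStore()
    print(build_authorization_url(store, "victim-session",
                                  "https://as.example.com/authorize",
                                  "portal-client",
                                  "https://app.example.com/oauth/callback"))
```

The state is consumed on the first callback and compared in constant time against the value stored for the same browser session, so an authorization response obtained by someone else cannot be pushed into a victim's session and a captured response cannot be replayed. The wildcard matcher accepts any page under the registered domain, which is exactly why an XSS on such a page can receive codes or tokens; the exact matcher limits delivery to the registered callback.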
