Hi All,
I would ask your opinion about a behavior that has been changed when I upgraded from 3.3.0-Final to 11.0.2 (I know it is a pretty big upgrade).
I have Keycloak integrated in an open-source project called CEDAR, so I will provide exact URLs, these are not secret in any way.
I have my URL in the browser in the following form:
https://cedar.metadatacenter.orgx/instances/create/https://repo.metadatacenter.orgx/templates/18dd4b24-bbbe-41da-9c0e-16c1a0203d24
(Please note the URL has another URL in it, which starts with https://)
I am using the JavaScript library to perform authentication, and that calls the following URL (taken from the Network Panel):
https://auth.metadatacenter.orgx/auth/realms/CEDAR/protocol/openid-connect/auth?client_id=cedar-angular-app&redirect_uri=https%3A%2F%2Fcedar.metadatacenter.orgx%2Finstances%2Fcreate%2Fhttps%3A%2F%2Frepo.metadatacenter.orgx%2Ftemplates%2F18dd4b24-bbbe-41da-9c0e-16c1a0203d24&state=4715527e-519e-43f1-83aa-274cef790a7d&response_mode=fragment&response_type=code&scope=openid&nonce=4ac1d6e7-448e-48e5-be0e-9b63136ad52b
Please note the “https://” being properly encoded as “https%3A%2F%2F”
Now the response to this GET contains the Location header with the following value:
https://cedar.metadatacenter.orgx/instances/create/https:/repo.metadatacenter.orgx/templates/18dd4b24-bbbe-41da-9c0e-16c1a0203d24#state=4715527e-519e-43f1-83aa-274cef790a7d&session_state=ea95bae6-ee1c-45c5-8f11-5d602c75551f&code=7de14b4b-4008-4a3f-af4d-a798cf8075bc.ea95bae6-ee1c-45c5-8f11-5d602c75551f.37064cae-0fb9-40b1-945d-3e0325688d6b
Please note that the location is different from the redirect URL. it only contains “https:/” instead of “https://”
I was looking everywhere (config, docs, internet) for the cause of this behavior, without luck.
I would really appreciate if you would have any information regarding what is causing this, and how to fix it.
We “fixed” the behavior on client-side, but we would really like to solve the issue at its core.
Thank you.