Bug ID 659460: URL encoded Authorization code does not work with APM OAuth client

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3

Fixed In:
13.1.0, 13.0.1

Opened: Apr 19, 2017
Severity: 3-Major

Symptoms

When the Authorization Server (AS) generates an authorization code which includes URL special character, in order to pass this code safely, AS encodes it with URL encoding. APM does not properly process this, and when OAuth client used it for retrieving an access token for a given code, OAuth client unnecessarily re-encode it, which causes the AS to reject the token request.

Impact

OAuth client fails to retrieve the token with the provided code.

Conditions

AS generates an OAuth Authorization code contains URL encoded characters.

Workaround

Use the iRule to either decode the authorization code when APM receives it, or when APM sends it out.

Fix Information

URL encoded authorization code now works with APM OAuth client.

Behavior Change