proxmox-mirrors/pve-access-control
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-access-control synced 2025-10-04 22:29:06 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix #4074: increase API OpenID code size limit to 2048

Browse Source 
Azure AD seems to have a variable authorization code size, depending on
the browser state according to one report in bug #4074 [0].

Sometimes the size is greater than our current limit of 1024, so
increase it to 2048.

The RFC [1] mentions that there is no limit to the code size, but based on
current experience, a size limit of 2048 might be enough for every
current OpenID Connect provider.

[0] https://bugzilla.proxmox.com/show_bug.cgi?id=4074
[1] https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2

Signed-off-by: Mira Limbeck <m.limbeck@proxmox.com>
[w.bumiller@proxmox.com: bump to 4096]
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
This commit is contained in:
Mira Limbeck 2022-06-15 16:09:50 +02:00 committed by Wolfgang Bumiller
parent 26dde49104
commit fe52bc631c
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/PVE/API2/OpenId.pm
View File

@ -134,7 +134,7 @@ __PACKAGE__->register_method ({
code => { code => {
description => "OpenId authorization code.", description => "OpenId authorization code.",
type => 'string', type => 'string',
maxLength => 1024, maxLength => 4096,
}, },
'redirect-url' => { 'redirect-url' => {
description => "Redirection Url. The client should set this to the used server url (location.origin).", description => "Redirection Url. The client should set this to the used server url (location.origin).",