-
-
Notifications
You must be signed in to change notification settings - Fork 358
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
State parameter length issue when working with spring security oauth2 #267
Comments
Making it configurable would be an option |
Any thought of how to implement it? |
Yeah, just add a |
5 tasks
I made #461 to address this. |
aeneasr
pushed a commit
that referenced
this issue
Aug 21, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The default state generator of spring security oauth2 library generates state with length of 6 which is less than the
MinParameterEntropy
(which is 8). check code hereI wonder that if it's possible to adjust MinParameterEntropy? or make it configurable?
The text was updated successfully, but these errors were encountered: