During Evaluation of Certify Web Management Hub, I attempted to configure Microsoft Entra Single Sign On and discovered that calls to the /authorize endpoint are not having response_mode being injected into the query parameters. This leads to 405 errors when calls are made back to the redirect URI post-authentication.
Upon further inspection of the code base, the faulting line of code appears to be here: https://github.com/webprofusion/certify/blame/128ad3dfe39d35d13eea81ca71bc744c2ee66a64/src/Certify.Server/Certify.Server.Hub.Api/Controllers/v1/AuthController.cs#L335:~:text=//%20queryParams%5B%22response_mode%22%5D%20%3D%20config.ResponseMode%3B
The conditional for inserting response_mode while building the authorization endpoint is commented out, leading to authentication issues. This was tested on the docker image with the latest tag
During Evaluation of Certify Web Management Hub, I attempted to configure Microsoft Entra Single Sign On and discovered that calls to the /authorize endpoint are not having response_mode being injected into the query parameters. This leads to 405 errors when calls are made back to the redirect URI post-authentication.
Upon further inspection of the code base, the faulting line of code appears to be here: https://github.com/webprofusion/certify/blame/128ad3dfe39d35d13eea81ca71bc744c2ee66a64/src/Certify.Server/Certify.Server.Hub.Api/Controllers/v1/AuthController.cs#L335:~:text=//%20queryParams%5B%22response_mode%22%5D%20%3D%20config.ResponseMode%3B
The conditional for inserting response_mode while building the authorization endpoint is commented out, leading to authentication issues. This was tested on the docker image with the latest tag