Details
-
Task
-
Resolution: Unresolved
-
Major - P3
-
None
-
None
-
None
-
Server Security
Description
SaslOIDCServerMechanism checks whether the OIDC mechanism is activated before performing OIDC authentication steps, or before affirming that it is able to auth a user. These checks are unnecessary. The SASLMechanismRegistry will perform these checks before loading SaslOIDCServerMechanism's factory. Additional defense is unnecessary, and prevents us from easily invoking the Mechanism in a unittest.