[Bug]: v3.37.0 broke some of our clients #766

@muir

Preflight Checklist

  • I could not find a solution in the documentation, the existing issues or discussions
  • I have joined the ZITADEL chat

Version

v3.32.1

Describe the problem caused by this bug

A dependency upgrade from v3.32.1 -> v3.39.1 caused a production breakage.
I've traced it to #721.

And this request:

[AUTH-HTTP] POST /auth/oidc/op/Customer/oauth/token -> 400 id:9e342164-4c4b-49df-b937-220c8d8b0c33
Request Headers:
map["Accept-Encoding":["gzip"] "Authorization":["REDACTED/K80vJh6Y"] "Content-Length":["188"] "Content-Type":["application/x-www-form-urlencoded"] "User-Agent":["Go-http-client/1.1"] "X-Forwarded-For":["52.207.181.130"] "X-Forwarded-Host":["authsvc-staging.singlestore.com"] "X-Forwarded-Port":["443"] "X-Forwarded-Proto":["https"] "X-Forwarded-Scheme":["https"] "X-Real-Ip":["52.207.181.130"] "X-Request-Id":["b3ddcaad354e8c75929f5fc9b8f8c151"] "X-Scheme":["https"]]
Request Body:
code=REDACTED%2FV8869lo%2B&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fmonitor-staging.singlestore.com%2Flogin%2Fgeneric_oauth
Response Headers:
map["Access-Control-Allow-Origin":["*"] "Cache-Control":["no-cache, no-store, must-revalidate"] "Content-Type":["application/json"] "Expires":["0"] "X-Content-Type-Options":["nosniff"]]
Response Body:
{"error":"invalid_request","error_description":"code_challenge required"}
--

I am continuing to debug and will update this bug with a PR when I've figured it out.

Multiple clients broke. One of them was Grafana.

To reproduce

TBD

Screenshots

No response

Expected behavior

No response

Additional Context

No response

Metadata

Assignees

No one assigned

    Labels

    auth, bug (Something isn't working)

    Type

    Projects

    Status

    🧐 Investigating

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests
