-
-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
NEW Module to setup OpenID Connect module #30317
base: develop
Are you sure you want to change the base?
NEW Module to setup OpenID Connect module #30317
Conversation
import openid connect custom module phase 2
…n page path fix, add a field to set MAIN_AUTHENTICATION_OIDC_LOGIN_CLAIM
@@ -887,7 +887,7 @@ function analyseVarsForSqlAndScriptsInjection(&$var, $type, $stopcode = 1) | |||
if (GETPOST("username", "alpha", $allowedmethodtopostusername)) { // For posting the login form | |||
$goontestloop = true; | |||
} | |||
if (GETPOST('openid_mode', 'alpha', 1)) { // For openid_connect ? | |||
if (GETPOST('openid_mode', 'alpha')) { // For openid_connect ? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you confirm we must remove the parameter ",1" here ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is to allow POST, this is used on the form inside 'callback.php'
We want to prevent the argument to stay in the URL when a user doesn't change page after login. When a new OpenID authentication is needed and this parameter is still present in the URL this cause an error since it's awaiting the code parameter if this parameter is present and the user not logged.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
New
OpenID Connect as a standard module