Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Generate the "OIDC authentication state" only when the user explicitely asks to be authenticated

Download Browse

Currently Tuleap generates this state every time the URLs to start the authentication flow needs to be displayed. This can be problematic when another request is done after the one used to display the page initially (e.g. to display a user avatar). With this contribution, the user needs to start the authentication flow to overwrite the "OIDC authentication state". To reproduce the issue: 1. without being authenticated open the homepage in tab A 2. without being authenticated open the homepage in tab B 3. go back to tab A, do not refresh, try to authenticate against an OIDC provider request #18410: Open ID Connect Client+ Unique + Anonymous homepage + News => impossible to login Change-Id: Ifcc0de35af5fe3cda6dafb6c76f68d1e3aac069c

+402 −63
Thomas Gerbet (tgerbet) 2020-12-04 15:45
Thomas Gerbet (tgerbet) 2020-12-04 16:42
2979c505638e1a028c4de6fa636a57fab90b48e3
6d4be3981fcfdae64104d68a354af3ae650e8b1b
git #tuleap/stable/2979c505638e1a028c4de6fa636a57fab90b48e3

Modified Files

Side by side diff
Inline diff
Name
M plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/SessionState.php +1 −1 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Login/ConnectorPresenter.php +6 −6 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Login/ConnectorPresenterBuilder.php +12 −18 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Login/Controller.php +2 −2 Go to diff View file
A plugins/openidconnectclient/include/OpenIDConnectClient/Login/LoginURLGenerator.php +53 −0 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Login/LoginUniqueAuthenticationUrlGenerator.php +8 −13 Go to diff View file
A plugins/openidconnectclient/include/OpenIDConnectClient/Login/RedirectToProviderForAuthorizationController.php +94 −0 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Provider/AzureADProvider/AzureADProvider.php +3 −0 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Provider/GenericProvider/GenericProvider.php +3 −0 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Provider/Provider.php +3 −0 Go to diff View file
M plugins/openidconnectclient/include/openidconnectclientPlugin.php +21 −5 Go to diff View file
M plugins/openidconnectclient/templates/login-page.mustache +1 −1 Go to diff View file
M plugins/openidconnectclient/templates/login_connector.mustache +1 −1 Go to diff View file
M plugins/openidconnectclient/tests/unit/Authentication/SessionStateTest.php +12 −2 Go to diff View file
A plugins/openidconnectclient/tests/unit/Login/LoginURLGeneratorTest.php +62 −0 Go to diff View file
M plugins/openidconnectclient/tests/unit/Login/LoginUniqueAuthenticationUrlGeneratorTest.php +12 −14 Go to diff View file
A plugins/openidconnectclient/tests/unit/Login/RedirectToProviderForAuthorizationControllerTest.php +108 −0 Go to diff View file