Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

story #8631: Clean up the library loading and keep information about which provider is used

Download Browse

We keep this information in the state parameter. This variable is used to protect against CSRF attacks and must not be guessable. To be able to pass the provider ID in the state we sign it with a random key. When we got the state back from the OpenID Connect provider we check its integrity with the random key we have stored in session. Change-Id: I13e6be1f6a74e9a9ce57e998d94ffadde7315303

+692 −119
Thomas Gerbet (tgerbet) 2016-02-09 17:59
Thomas Gerbet (tgerbet) 2016-02-11 15:50
019faf357c4d014694f846431bea0ba281149f93
223351e1dc4e64710947ab7bb2af899ee210fec7
git #tuleap/stable/019faf357c4d014694f846431bea0ba281149f93

Modified Files

Side by side diff
Inline diff
Name
A plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/AuthorizationDispatcher.php +42 −0 Go to diff View file
A plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/Flow.php +142 −0 Go to diff View file
A plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/FlowResponse.php +57 −0 Go to diff View file
A plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/State.php +58 −0 Go to diff View file
A plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/StateFactory.php +38 −0 Go to diff View file
A plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/StateManager.php +75 −0 Go to diff View file
A plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/StateStorage.php +34 −0 Go to diff View file
D plugins/openidconnectclient/include/OpenIDConnectClient/Flow.php +0 −86 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/LoginController.php +19 −20 Go to diff View file
M plugins/openidconnectclient/include/autoload.php +9 −3 Go to diff View file
M plugins/openidconnectclient/include/openidconnectclientPlugin.class.php +16 −9 Go to diff View file
A plugins/openidconnectclient/tests/Authentication/FlowTest.php +51 −0 Go to diff View file
A plugins/openidconnectclient/tests/Authentication/StateFactoryTest.php +49 −0 Go to diff View file
A plugins/openidconnectclient/tests/Authentication/StateManagerTest.php +51 −0 Go to diff View file
A plugins/openidconnectclient/tests/Authentication/StateTest.php +37 −0 Go to diff View file
M plugins/openidconnectclient/tests/bootstrap.php +14 −1 Go to diff View file