cdef1b3ab0
Session was being lost due to the callback POST request cookies not being provided due to samesite=lax. This instead adds an additional hop in the flow to route the request via a GET request so the session is retained. SAML POST data is stored encrypted in cache via a unique ID then pulled out straight afterwards, and restored into POST for the SAML toolkit to validate. Updated testing to cover.
ConfirmEmailController.php
ForgotPasswordController.php
HandlesPartialLogins.php
LoginController.php
MfaBackupCodesController.php
MfaController.php
MfaTotpController.php
OidcController.php
RegisterController.php
ResetPasswordController.php
Saml2Controller.php
SocialController.php
UserInviteController.php