nextcloud_server

mirror of https://github.com/nextcloud/server.git synced 2025-02-07 09:59:46 +00:00

History

Arthur Schiwon f0494ec17a fix(Session): avoid password confirmation on SSO SSO backends like SAML and OIDC tried a trick to suppress password confirmations as they are not possible by design. At least for SAML it was not reliable when existing user backends where used as user repositories. Now we are setting a special scope with the token, and also make sure that the scope is taken over when tokens are regenerated. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2024-06-11 20:19:18 +02:00
..
DIContainer.php	fix(Session): avoid password confirmation on SSO	2024-06-11 20:19:18 +02:00

Arthur Schiwon f0494ec17a fix(Session): avoid password confirmation on SSO

SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends where used as user repositories.

Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

2024-06-11 20:19:18 +02:00

DIContainer.php

fix(Session): avoid password confirmation on SSO

2024-06-11 20:19:18 +02:00