wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix SAML Client login flow on Apple devices

Browse source 
Because the redirect from the SAML/SSO endpoint is a POST the lax/strict
cookies are not properly send.

Note that it is not strictly requried on this endpoint as we do not need
the remember me data. Only the real session info is enough. The endpoint
is also already protected by a state token.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
Roeland Jago Douma 2018-12-17 12:50:32 +01:00
parent c4a9bd11b9
commit 763b52d402
No known key found for this signature in database
GPG key ID: F941078878347C0C
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
core/Controller/ClientFlowLoginController.php
View file

@ -207,6 +207,7 @@ class ClientFlowLoginController extends Controller {
/**
* @NoAdminRequired
* @NoCSRFRequired
* @NoSameSiteCookieRequired
* @UseSession
*
* @param string $stateToken