Project

General

Profile

Development #48739

good_next_url: autoriser les URLs des idps OIDC

Added by Serghei Mihai 14 days ago. Updated about 21 hours ago.

Status:
Solution déployée
Priority:
Normal
Assignee:
Category:
-
Target version:
-
Start date:
20 Nov 2020
Due date:
% Done:

0%

Estimated time:
Patch proposed:
Yes
Planning:
No

Description

Typiquement pour un SP raccordé en OIDC (cf. #48699).


Files

Associated revisions

Revision ed055e08 (diff)
Added by Serghei Mihai 8 days ago

authentic2_idp_oidc: verify next url againts clients redirect_uris (#48739)

History

#2

Updated by Benjamin Dauvergne 14 days ago

On peut s'inspirer de ce commit, https://git.entrouvert.org/authentic.git/commit/?id=09dab1b45d1185345315c09374abd6a6bb918a1a implémentant la même chose pour SAML ça autorise toute URL ayant une même origine que l'entity_id d'un SP SAML.

Coté OIDC on peut faire une chose identique du point de vue des URLs du redirection.

#3

Updated by Serghei Mihai 12 days ago

  • Assignee set to Serghei Mihai
#4

Updated by Serghei Mihai 11 days ago

Yep, merci.

#5

Updated by Serghei Mihai 11 days ago

  • Subject changed from good_next_url: autoriser les URLs des services externes à Publik to good_next_url: autoriser les URLs des idps OIDC
#6

Updated by Benjamin Dauvergne 11 days ago

  • Status changed from Solution proposée to Solution validée
#7

Updated by Serghei Mihai 8 days ago

  • Status changed from Solution validée to Résolu (à déployer)
commit ed055e0892ee67d35b718b87b487c3a424026565 (HEAD -> master, origin/master, origin/HEAD)
Author: Serghei Mihai <smihai@entrouvert.com>
Date:   Tue Nov 24 10:51:58 2020 +0100

    authentic2_idp_oidc: verify next url againts clients redirect_uris (#48739)
#8

Updated by Frédéric Péters about 21 hours ago

  • Status changed from Résolu (à déployer) to Solution déployée

Also available in: Atom PDF