| #
4a9a2508 |
| 01-Sep-2025 |
Andreas Gohr <gohr@cosmocode.de> |
do not clear login data on every load
logoff is called a lot when a user is not authenticated yet. This can
interfere with the oauth login process when calls are made while the
user is at the IdP, f
do not clear login data on every load
logoff is called a lot when a user is not authenticated yet. This can
interfere with the oauth login process when calls are made while the
user is at the IdP, for example triggered by AJAX beacons like created
by the statistics plugin.
There is no real reason to delete the temporary session data. We can
simply keep it until it is used or replaced by new data.
show more ...
|
| #
fe49fd82 |
| 01-Sep-2025 |
Andreas Gohr <gohr@cosmocode.de> |
option to enforce oauth for some users
|
| #
290e9b1f |
| 05-Mar-2024 |
Andreas Gohr <andi@splitbrain.org> |
automatic style fixes and new workflows
|
| #
1cdd3f90 |
| 28-Sep-2022 |
Andreas Gohr <andi@splitbrain.org> |
disable plain auth login in singleService mode #118
|
| #
568565b9 |
| 11-Jan-2022 |
Andreas Gohr <andi@splitbrain.org> |
do not call auth_login ourselves but signal it
By returning null, the normal auth_login is triggered including all the
needed events. This fixes the CAPTCHA integration.
|
| #
a1fa007a |
| 19-Dec-2021 |
Naoto Kobayashi <naoto.kobayashi4c@gmail.com> |
Enable oauth service plugins to implement their own procedures on logout
Although some oauth services need their own procedures on logout
(e.g. Keycloak needs to access the logout endpoint), there i
Enable oauth service plugins to implement their own procedures on logout
Although some oauth services need their own procedures on logout
(e.g. Keycloak needs to access the logout endpoint), there is no way to
implement them. Fix it.
Signed-off-by: Naoto Kobayashi <naoto.kobayashi4c@gmail.com>
show more ...
|
| #
2a8b22d5 |
| 14-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
fall back to parent strings
this avoids empty messages when errors are displayed by the underlying
authplain plugin
|
| #
28002081 |
| 13-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
drop concept of GUID and introduce storageID
Previously we created a new GUID for any user trying to login via oauth.
That GUID was used to store the token states. This polluted the cache
area but e
drop concept of GUID and introduce storageID
Previously we created a new GUID for any user trying to login via oauth.
That GUID was used to store the token states. This polluted the cache
area but even worse, it made it impossible to stay logged in on multiple
devices when the IdP invalidated onld access tokens when issuing a new
one (like google does).
Now a session storage is used for the initial login. Permanent storage
is only initialized after a successful login (based on the user's email
address).
show more ...
|
| #
4928b245 |
| 03-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
use the correct group array when creating user.
replaces #101
|
| #
8523e9d0 |
| 03-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
readd support for farmer setups
In a farm, the return from the IDP will land in the farmer and needs to
be redirected to the proper animal. To do so the animal is stored in the
state parameter which
readd support for farmer setups
In a farm, the return from the IDP will land in the farmer and needs to
be redirected to the proper animal. To do so the animal is stored in the
state parameter which all IDPs should pass back to us as is.
Previously this was hardcoded in the Google service only, now it should
work for all services.
Untested though. Also previously the behavior was also loading the
Farmer plugin even when disabled. I don't know why. I changed it.
show more ...
|
| #
e170f465 |
| 03-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
removed lots of now unused code
|
| #
74b4d4a4 |
| 03-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
another major refactoring
The new OAuthManager is now the main flow manager and should make it
easier to follow the flow. The Session class encapsulates all session
and cookie accesses. A new guid p
another major refactoring
The new OAuthManager is now the main flow manager and should make it
easier to follow the flow. The Session class encapsulates all session
and cookie accesses. A new guid paradigma should make invisible relogins
possible when the session expired. Needs all major cleanup but a first
login worked.
show more ...
|
| #
d9be1cb5 |
| 01-Sep-2020 |
Anna Dabrowska <dabrowska@cosmocode.de> |
Session manager
|
| #
4a95c35b |
| 25-Aug-2020 |
Anna Dabrowska <dabrowska@cosmocode.de> |
fix unfinished login
flag indicating that login is in progress was not cleared from session
|
| #
b8ca6a42 |
| 18-Aug-2020 |
Anna Dabrowska <dabrowska@cosmocode.de> |
adding comments and fixmes
|
| #
a02a5d81 |
| 13-Aug-2020 |
Anna Dabrowska <dabrowska@cosmocode.de> |
Refactoring auth class
|
| #
311a6606 |
| 13-Aug-2020 |
Anna Dabrowska <dabrowska@cosmocode.de> |
Reorder methods in auth class
|
| #
3e7ac5b1 |
| 30-Jul-2020 |
Andreas Gohr <andi@splitbrain.org> |
more fixes and cleanup
somewhat works already
|
| #
a5b7ee9d |
| 30-Jul-2020 |
Andreas Gohr <gohr@cosmocode.de> |
Merge pull request #87 from lindyblackburn/master
correct check for duplicate email
|
| #
8b214edc |
| 04-Jun-2020 |
Andreas Gohr <andi@splitbrain.org> |
fix for renamed function. closes #91
|
| #
11997ac2 |
| 23-Feb-2020 |
Lindy Blackburn <lindylam@gmail.com> |
correct check for duplicate email
|
| #
d313403c |
| 31-Jan-2019 |
Anna Dabrowska <dabrowska@cosmocode.de> |
Enable login when self-registration is disabled
|
| #
518d0e6e |
| 21-Jun-2016 |
Michael Große <mic.grosse@posteo.de> |
Add slash in case animalURL() doesn't end with it
|
| #
438dcc52 |
| 21-Jun-2016 |
Michael Grosse <grosse@cosmocode.de> |
Support a farm-setup with google oauth
This assumes that the refactored farmer-plugin is used. (See
https://www.dokuwiki.org/plugin:farmer and
https://github.com/cosmocode/dokuwiki-plugin-farmer )
Support a farm-setup with google oauth
This assumes that the refactored farmer-plugin is used. (See
https://www.dokuwiki.org/plugin:farmer and
https://github.com/cosmocode/dokuwiki-plugin-farmer )
SPR-506
show more ...
|
| #
188ba446 |
| 10-Mar-2016 |
Michael Große <grosse@cosmocode.de> |
Keep the get parameters except id
'id' is provided by the wl() function if needed. We should not duplicate
it.
|