Changes in auth.php

4a9a2508c732645b704b0d92419148747b070ea7 - do not clear login data on every load

Mon, 01 Sep 2025 13:27:56 +0000

do not clear login data on every loadlogoff is called a lot when a user is not authenticated yet. This caninterfere with the oauth login process when calls are made while theuser is at the IdP, for example triggered by AJAX beacons like createdby the statistics plugin.There is no real reason to delete the temporary session data. We cansimply keep it until it is used or replaced by new data. List of files: /plugin/oauth/auth.php

fe49fd8259b2adcc61587e73b18695bde171a8d9 - option to enforce oauth for some users

Mon, 01 Sep 2025 12:11:54 +0000

option to enforce oauth for some users List of files: /plugin/oauth/auth.php

290e9b1f10bf4135eb82799dc58da0055064d995 - automatic style fixes and new workflows

Tue, 05 Mar 2024 08:36:25 +0000

automatic style fixes and new workflows List of files: /plugin/oauth/auth.php

1cdd3f90f79928b4012c80ad8be1a84636679c57 - disable plain auth login in singleService mode #118

Wed, 28 Sep 2022 08:48:55 +0000

disable plain auth login in singleService mode #118 List of files: /plugin/oauth/auth.php

568565b9c13906b0ff5271c86f062599a97c74d5 - do not call auth_login ourselves but signal it

Tue, 11 Jan 2022 12:03:22 +0000

do not call auth_login ourselves but signal itBy returning null, the normal auth_login is triggered including all theneeded events. This fixes the CAPTCHA integration. List of files: /plugin/oauth/auth.php

a1fa007ab08a219fc271dac74f02ec04f98037c3 - Enable oauth service plugins to implement their own procedures on logout

Sun, 19 Dec 2021 18:23:11 +0000

Enable oauth service plugins to implement their own procedures on logoutAlthough some oauth services need their own procedures on logout(e.g. Keycloak needs to access the logout endpoint), there is no way toimplement them. Fix it.Signed-off-by: Naoto Kobayashi List of files: /plugin/oauth/auth.php

2a8b22d58bdb8b0404efb7ac8a5598dd31c85866 - fall back to parent strings

Tue, 14 Dec 2021 21:17:59 +0000

fall back to parent stringsthis avoids empty messages when errors are displayed by the underlyingauthplain plugin List of files: /plugin/oauth/auth.php

28002081b4e69d3951b2d8230c8668e3cbd7f708 - drop concept of GUID and introduce storageID

Mon, 13 Dec 2021 16:47:26 +0000

drop concept of GUID and introduce storageIDPreviously we created a new GUID for any user trying to login via oauth.That GUID was used to store the token states. This polluted the cachearea but even worse, it made it impossible to stay logged in on multipledevices when the IdP invalidated onld access tokens when issuing a newone (like google does).Now a session storage is used for the initial login. Permanent storageis only initialized after a successful login (based on the user's emailaddress). List of files: /plugin/oauth/auth.php

4928b245f52a739d88c1982c470a90e995e617ec - use the correct group array when creating user.

Fri, 03 Dec 2021 23:37:08 +0000

use the correct group array when creating user.replaces #101 List of files: /plugin/oauth/auth.php

8523e9d007e8a01560296a153d03a9ecf0482d51 - readd support for farmer setups

Fri, 03 Dec 2021 20:28:03 +0000

readd support for farmer setupsIn a farm, the return from the IDP will land in the farmer and needs tobe redirected to the proper animal. To do so the animal is stored in thestate parameter which all IDPs should pass back to us as is.Previously this was hardcoded in the Google service only, now it shouldwork for all services.Untested though. Also previously the behavior was also loading theFarmer plugin even when disabled. I don't know why. I changed it. List of files: /plugin/oauth/auth.php

e170f465284fced2ad2f88eb9d618437f47c3edb - removed lots of now unused code

Fri, 03 Dec 2021 19:36:43 +0000

removed lots of now unused code List of files: /plugin/oauth/auth.php

74b4d4a4cf1d79813740d8ba18696e5fb2b4089b - another major refactoring

Fri, 03 Dec 2021 18:19:54 +0000

another major refactoringThe new OAuthManager is now the main flow manager and should make iteasier to follow the flow. The Session class encapsulates all sessionand cookie accesses. A new guid paradigma should make invisible reloginspossible when the session expired. Needs all major cleanup but a firstlogin worked. List of files: /plugin/oauth/auth.php

d9be1cb5d4b89892fd7351309c9c9722836436f4 - Session manager

Tue, 01 Sep 2020 16:19:03 +0000

Session manager List of files: /plugin/oauth/auth.php

4a95c35b8a37aaf3cd1703597038c20d4b4457ae - fix unfinished login

Tue, 25 Aug 2020 19:00:10 +0000

fix unfinished loginflag indicating that login is in progress was not cleared from session List of files: /plugin/oauth/auth.php

b8ca6a42fba4b00664bb9c14ccfeda17e50ca209 - adding comments and fixmes

Tue, 18 Aug 2020 17:49:38 +0000

adding comments and fixmes List of files: /plugin/oauth/auth.php

a02a5d81cf50f7a5f50c2ba20efa5cedfdf34322 - Refactoring auth class

Thu, 13 Aug 2020 13:44:12 +0000

Refactoring auth class List of files: /plugin/oauth/auth.php

311a66063361dab9d9371f04a01619bd95d4989e - Reorder methods in auth class

Thu, 13 Aug 2020 12:20:52 +0000

Reorder methods in auth class List of files: /plugin/oauth/auth.php

3e7ac5b1c2847ba6fd6e53113e84776ead1a1378 - more fixes and cleanup

Thu, 30 Jul 2020 13:52:43 +0000

more fixes and cleanupsomewhat works already List of files: /plugin/oauth/auth.php

a5b7ee9d4b1b4268b1c2fd3b513637e01fa05419 - Merge pull request #87 from lindyblackburn/master

Thu, 30 Jul 2020 08:06:26 +0000

Merge pull request #87 from lindyblackburn/mastercorrect check for duplicate email List of files: /plugin/oauth/auth.php

8b214edcc9777f47a8968f2c58972d29f33e94d8 - fix for renamed function. closes #91

Thu, 04 Jun 2020 12:48:11 +0000

fix for renamed function. closes #91 List of files: /plugin/oauth/auth.php