Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: defer creation of auth request. #1865

Merged
merged 5 commits into from
Jun 25, 2021
Merged

fix: defer creation of auth request. #1865

merged 5 commits into from
Jun 25, 2021

Commits on May 21, 2021

  1. fix: defer creation of auth request. 

    Rather than creating the auth request when the user hits /auth, pass
the arguments through to /auth/{connector} and have the auth request
created there.  This prevents a database error when using the "Select
another login method" link, and also avoids a few other error cases.

Fixes dexidp#1849, dexidp#646.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
    @al45tair
    al45tair committed May 21, 2021
    Configuration menu
    Copy the full SHA
    cdbb5dd View commit details
    Browse the repository at this point in the history

  2. fix: back link on password page needs to be explicit. 

    The back link on the password page was using Javascript to tell the
browser to navigate back, which won't work if the user has entered a
set of incorrect log-in details.  Fix this by using an explicit URL
instead.

Fixes dexidp#1851

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
    @al45tair
    al45tair committed May 21, 2021
    Configuration menu
    Copy the full SHA
    0284a4c View commit details
    Browse the repository at this point in the history

  3. fix: remove some additional dependencies. 

    Accidentally added some of these back during merge.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
    @al45tair
    al45tair committed May 21, 2021
    Configuration menu
    Copy the full SHA
    88025b3 View commit details
    Browse the repository at this point in the history

  4. fix: reinstate TestHandleAuthCode. 

    Reinstating this test as it shouldn't have been removed.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
    @al45tair
    al45tair committed May 21, 2021
    Configuration menu
    Copy the full SHA
    030a645 View commit details
    Browse the repository at this point in the history

  5. fix: add an extra endpoint to avoid refresh generating AuthRequests. 

    By adding an extra endpoint and a redirect, we can avoid a situation
where it's trivially easy to generate a large number of AuthRequests
by hitting F5/refresh in the browser.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
    @al45tair
    al45tair committed May 21, 2021
    Configuration menu
    Copy the full SHA
    cd0c24e View commit details
    Browse the repository at this point in the history