[Koha-bugs] [Bug 34755] Error authenticating to external OpenID Connect (OIDC) identity provider : wrong_csrf_token

[bugzilla-daemon at bugs.koha-community.org]

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34755

Tomás Cohen Arazi <tomascohen at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #162748|0                           |1
        is obsolete|                            |

--- Comment #34 from Tomás Cohen Arazi <tomascohen at gmail.com> ---
Created attachment 162977
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=162977&action=edit
Bug 34755: Backport Koha::Token change from bug 34478

This change includes the Koha::Token changes which uses
Koha::Session for generating and checking CSRF tokens.

0. Apply the patch and koha-plack --restart kohadev
1. Setup Keycloak OIDC SSO according to "Testing SSO"
wiki guide
2. In a regular window go to http://localhost:8080
3. In a private window go to http://localhost:8080 and click
the SSO "Log in with..." button, but don't log into Keycloak
4. In the regular window, login locally, and navigate to 5-6 pages
5. In the private window, log into Keycloak
6. Note that you are redirected back to Koha and logged in
successfully (no wrong_csrf_token error).

Signed-off-by: Olivier Hubert <olivier.hubert at inlibro.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen at theke.io>

-- 
You are receiving this mail because:
You are watching all bug changes.