https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34755 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #162748|0 |1 is obsolete| | --- Comment #34 from Tomás Cohen Arazi <tomascohen@gmail.com> --- Created attachment 162977 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=162977&action=edit Bug 34755: Backport Koha::Token change from bug 34478 This change includes the Koha::Token changes which uses Koha::Session for generating and checking CSRF tokens. 0. Apply the patch and koha-plack --restart kohadev 1. Setup Keycloak OIDC SSO according to "Testing SSO" wiki guide 2. In a regular window go to http://localhost:8080 3. In a private window go to http://localhost:8080 and click the SSO "Log in with..." button, but don't log into Keycloak 4. In the regular window, login locally, and navigate to 5-6 pages 5. In the private window, log into Keycloak 6. Note that you are redirected back to Koha and logged in successfully (no wrong_csrf_token error). Signed-off-by: Olivier Hubert <olivier.hubert@inlibro.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> -- You are receiving this mail because: You are watching all bug changes.