Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: return return_to code if already authenticated #4286

Merged
merged 1 commit into from
Feb 3, 2025
Merged

fix: return return_to code if already authenticated #4286

merged 1 commit into from
Feb 3, 2025

Conversation

hperl
Copy link
Contributor

@hperl hperl commented Feb 2, 2025

This fixes a bug in native OIDC login and registration flows, where the user already has a session in the browser the flow is continued with (usually a web view, but depending on the platform it already has a session cookie set). In the callback, we now correctly handle the case in alreadyAuthenticated to return the session token exchange code.

Related issue(s)

Checklist

  • I have read the contributing guidelines.
  • I have referenced an issue containing the design document if my change
    introduces a new feature.
  • I am following the
    contributing code guidelines.
  • I have read the security policy.
  • I confirm that this pull request does not address a security
    vulnerability. If this pull request addresses a security vulnerability, I
    confirm that I got the approval (please contact
    [email protected]) from the maintainers to push
    the changes.
  • I have added tests that prove my fix is effective or that my feature
    works.
  • I have added or changed the documentation.

Further Comments

@hperl hperl requested review from aeneasr and a team as code owners February 2, 2025 12:05
jonas-jonas
jonas-jonas approved these changes Feb 2, 2025
View reviewed changes
Copy link
Member

@jonas-jonas jonas-jonas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, thanks! Wasn't sure if this is the correct solution, but looks good!

@codecov Codecov
Copy link

codecov bot commented Feb 2, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 71.42857% with 2 lines in your changes missing coverage. Please review.

Project coverage is 78.62%. Comparing base (7ca3b6b) to head (1dbe670).
Report is 3 commits behind head on master.

Files with missing lines Patch % Lines
selfservice/strategy/oidc/strategy.go 71.42% 1 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #4286      +/-   ##
==========================================
+ Coverage   78.59%   78.62%   +0.02%     
==========================================
  Files         381      381              
  Lines       27382    27384       +2     
==========================================
+ Hits        21521    21530       +9     
+ Misses       4238     4232       -6     
+ Partials     1623     1622       -1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@hperl hperl force-pushed the hperl/fix-always-issue-return_to_code-for-native-oidc branch from aa4fce4 to 1dbe670 Compare February 2, 2025 14:17
@zepatrik zepatrik merged commit 119841a into master Feb 3, 2025
28 of 29 checks passed
@zepatrik zepatrik deleted the hperl/fix-always-issue-return_to_code-for-native-oidc branch February 3, 2025 08:56
mpauly-exnaton pushed a commit to mpauly-exnaton/kratos that referenced this pull request Feb 12, 2025
@hperl @mpauly-exnaton
fix: return return_to code if already authenticated (ory#4286)
0e5ac74 
This fixes a bug in native OIDC login and registration flows, where the
user already has a session in the browser the flow is continued with
(usually a web view, but depending on the platform it already has a
session cookie set). In the callback, we now correctly handle the case
in `alreadyAuthenticated` to return the session token exchange code.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zepatrik zepatrik zepatrik approved these changes

@jonas-jonas jonas-jonas jonas-jonas approved these changes

@aeneasr aeneasr Awaiting requested review from aeneasr aeneasr is a code owner

Assignees

@hperl hperl

@jonas-jonas jonas-jonas

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hperl @zepatrik @jonas-jonas