Commit 1e3915a9 authored by o's avatar o
Browse files

send session token on saml_auth and handoff

this allows us to skip e.g. 2fa checks, if they have been recently
performed.
parent a8d2a3ea
Pipeline #8191 passed with stages
in 3 minutes and 36 seconds
......@@ -86,10 +86,12 @@ class ApplicationController < ActionController::Base
def reset_user_session
unless session_expired?
url = session[:origin_url]
token = session[:login_token]
end
reset_session
session[:locale] = I18n.locale
session[:origin_url] = url
session[:login_token] = token
update_session_expiry
end
......
......@@ -7,6 +7,7 @@ class HandoffLoginController < LoginController
unlock: unlock,
totp: totp,
webauthn: webauthn,
token: session[:login_token],
)
end
......
......@@ -81,7 +81,8 @@ class SamlLoginController < LoginController
unlock: unlock,
totp: totp,
webauthn: webauthn,
saml_request: @saml_request
saml_request: @saml_request,
token: session[:login_token],
)
end
end
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment