Bug 32354: Accept session_state param given by OAuth IdP

This patch ensures Koha doesn't throw an error if the IdP hands back a
session_state parameter.

To test:

1) Set up an identity provider
2) On the IdP's configuration, make it hand back a session_state
3) Confirm authentication using OIDC works with and without the
session_state

Sponsored-by: Plant & Food Research

Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This commit is contained in:
Aleisha Amohia 2022-11-27 21:24:59 +00:00 committed by Tomas Cohen Arazi
parent cab4155649
commit a4d9f572bc
Signed by: tomascohen
GPG key ID: 0A272EA1B2F3C15F
2 changed files with 8 additions and 0 deletions

View file

@ -98,6 +98,10 @@
in: query
description: Web page with user friendly description of the error
type: string
- name: session_state
in: query
description: Session state returned by OAuth server
type: string
responses:
"302":
description: User authorized

View file

@ -53,6 +53,10 @@
in: query
description: Web page with user friendly description of the error
type: string
- name: session_state
in: query
description: Session state returned by OAuth server
type: string
responses:
"302":
description: User authorized