]> git.koha-community.org Git - koha.git/commit
Bug 34755: Backport Koha::Token change from bug 34478
authorDavid Cook <dcook@prosentient.com.au>
Mon, 4 Mar 2024 04:19:38 +0000 (04:19 +0000)
committerFrédéric Demians <f.demians@tamil.fr>
Wed, 3 Apr 2024 08:08:47 +0000 (08:08 +0000)
commit4f89cecf8915f525ec47589f2f12c355f20d9261
tree4a561ac8f3f60e11c355b60aae3e69a49f80d281
parent35fcb2a798224f92a7c1b68f06d662180dc0e6d9
Bug 34755: Backport Koha::Token change from bug 34478

This change includes the Koha::Token changes which uses
Koha::Session for generating and checking CSRF tokens.

0. Apply the patch and koha-plack --restart kohadev
1. Setup Keycloak OIDC SSO according to "Testing SSO"
wiki guide
2. In a regular window go to http://localhost:8080
3. In a private window go to http://localhost:8080 and click
the SSO "Log in with..." button, but don't log into Keycloak
4. In the regular window, login locally, and navigate to 5-6 pages
5. In the private window, log into Keycloak
6. Note that you are redirected back to Koha and logged in
successfully (no wrong_csrf_token error).

Signed-off-by: Olivier Hubert <olivier.hubert@inlibro.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 46c0419a11d56b078f1f8528e51bf1a78bd284e6)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 19f79fa6064664a69597b0b330dca9c538b816bf)
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Koha/Token.pm