Loop on button on dual login #34

Open
neeesn opened this issue May 23, 2019 · 2 comments

neeesn commented May 23, 2019

Describe the bug
When dual login is set and we go to the login screen, the button sends us to sitename.com/login/index.php?saml=on but it doesn't "call" the login. We just go in a loop.

To Reproduce
Steps to reproduce the behavior:
1. Install the newest version in Moodle 3.6.3
2. Set to dual login
3. Log out
4. Try to log in by clicking the button

Desktop (please complete the following information):
Any browser

To make it work we changed the code in the loginpage_hook in auth.php, lines 198 - 228:
From:

```php
/**
 * @global string $SESSION
 * @return type
 */
public function loginpage_hook() {
    global $SESSION, $CFG;
    $saml = optional_param('saml', 'undefined', PARAM_TEXT);
    // If saml=off, go to default login page regardless any other
    // settings. Useful to administrators to recover from misconfiguration
    if ($saml == 'off') {
        $SESSION->saml = 'off';
        return;
    }
    // If dual login is disabled or saml=on, the user is redirect to the IdP
    if ($saml == 'on') {
        $SESSION->saml='on';
        $this->saml2_login();
    }
    // Otherwise, is checked the last option in session
    if (!empty($SESSION->saml) && $SESSION->saml == 'off') {
        return;
    }
    if ($this->config->dual_login) {
        return;
    }
    $this->saml2_login();
}
```

To this:

```php
/**
 * @global string $SESSION
 * @return type
 */
public function loginpage_hook() {

    global $SESSION;

    if(!isset($SESSION->saml)){
        $SESSION->saml = '';
    }

    $saml = optional_param('saml', $SESSION->saml, PARAM_TEXT);

    /**
     * Check if dual login is enabled.
     * Can bypass IdP auth.
     * To bypass IdP auth, go to <moodle-url>/login/index.php?saml=off
     *
     */
    if ((int) $this->config->dual_login && $saml !== 'on') {
        $saml = 'off';
    }

    $SESSION->saml = !empty($saml) ? $saml : 'on';
    if (isset($SESSION->saml) && $SESSION->saml === 'off') {
        return;
    }

    $this->saml2_login();

}
```


mfprimo commented May 27, 2019

Hi Henrik,
could you do a pull request?

mfprimo added a commit to UniGe/moodle-auth_saml2sso that referenced this issue Sep 1, 2019

mfprimo commented Sep 1, 2019

Hi Henrik,
I was not able to reproduce the bug, but I trust you and applied your suggestion in the code.
Could you confirm the new version works?
