-
Bug
-
Resolution: Fixed
-
Minor
-
4.0.6, 4.1.1
-
1
-
Team Alpha - Sprint 2 I1-2023
Problem
This is easiest to see via a quick replication:
- Set up a Google OAuth 2 issuer
- Set up the Googledocs repository, setting the google issuer you created in step 1.
- Go to private files and click to add a new file
- Select the Google repository
- Click "Log in to your account" (you'll get a popup window)
- When/if prompted, pick the relevant google account
- When prompted to approve scopes, click "Cancel" instead of "Approve"
Expected: The popup closes and you're shown {}something{} meaningful
Actual: The popup remains open, and redirect you to login, with the message "You're already signed in as user x..." etc.
E.g.
This is awfully clumsy.
This seems to be directly related to MDL-71254 (certainly that issue didn't consider the 'internal services' use case at all), but has perhaps been a problem ever since the inception of the google/microsoft, etc. sso. In any case, it's a problem on admin/oauth2callback.php.
Solution
What should happen? Errors, like the error that's passed back when you deny an auth request, should be sent back to the calling code (in this case repository) when the user is an authenticated user. It's up to the calling code to handle that (and close popups, cleanup, etc). When we're not logged in, we can then safely redirect to the login page as we do now.
- has a non-specific relationship to
-
MDL-75207 Moodle LMS / MoodleNet integration project - Phase 1
- Closed
-
MDL-71254 OAuth2: Display login errors on the login page
- Closed
- has been marked as being related by
-
MDL-79508 State param missing when redirecting from Clever SSO
- Closed
- is a regression caused by
-
MDL-58090 OAuth 2 authentication upgrades for Moodle.
- Closed