[MOBILE-4133] CIE (Italy ID-related SSO from Government) Authentication Issue - Moodle Tracker

XML

Word

Printable

Details

Type: Bug
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: 4.0.1
Fix Version/s: None
Component/s: Authentication, SSO (via local_mobile)
Labels:
- triaged

Affected Branches:
MOODLE_400_STABLE

Description

In Italy we have a law that forces anybody accessing "govern-related" websites to use a SAML2 (SPID) or an ID-related (CIE) authentication. In moodle app, the authentication is done through an in-app browser. Until version 3.8 both types of authentication were working good.

With version 4, while the pure SAML2 still works OK, the ID-related integration is not.

The ID system (made by the government so not much to do about that) checks if an app is on the device (CIEID) and eventually launches it... or refuses to perform any kind of authentication!

Apparently, the in-app browser of version 3.8 was letting the website service "pass through the device" and check if the app was installed to launch it. This is broken in 4.0.

To test, please contact me privately so I can give you the link to the production platform this is happening.

Attachments

Activity

People

Assignee:: Juan Leyva

Reporter:: Christian Deligant

Participants:: Christian Deligant, Juan Leyva

Component watchers:

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 23/Sep/22 4:51 PM

Updated:: 15/Nov/22 5:31 PM