Persistent data and notification validation
We have several issue about notifications and redirections. I will try to summarize them in this issue.
Use case 1 : persistent redirection
- Connect to test1.example.com
- Redirection to auth.example.com
- Authentication and notifications validation
- Redirection to test1.example.com
- Access to auth.example.com -> not possible, we are redirected to test1.example.com
Here the issue is that pdata is not clear before redirecting to test1.example.com
Use case 2 : notification with 2FA
- Connect to auth.example.com
- Enter TOTP code
- Validate notifications -> infinite redirection loop
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Get session 5f1af90a06450445ac016ab03ebceac0 from Handler internal cache
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] auth.openid.club: Apply default rule
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] removing cookie
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Cookies -> llnglanguage=fr; lemonldappdata=%7B%22_choice%22%3A%220_LDAP%22%2C%22_url%22%3A%22aHR0cHM6Ly9hdXRoLm9wZW5pZC5jbHViLy90b3RwMmZjaGVjaw%3D%3D%22%7D; lemonldap=5f1af90a06450445ac016ab03ebceac0
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] CookieName -> lemonldap
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] newCookies -> llnglanguage=fr; lemonldappdata=%7B%22_choice%22%3A%220_LDAP%22%2C%22_url%22%3A%22aHR0cHM6Ly9hdXRoLm9wZW5pZC5jbHViLy90b3RwMmZjaGVjaw%3D%3D%22%7D;
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] User coudot1 was granted to access to /
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Start routing default route
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Processing importHandlerData
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Processing controlUrl
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Processing checkLogout
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Processing code ref
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Launching ::Auth::Choice::_forAuthUser
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Processing code ref
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Launching ::UserDB::Choice::_forAuthUser
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Processing code ref
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Launching ::Plugins::CDA::changeUrldc
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Processing code ref
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Launching ::Password::Choice::_modifyPassword
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Calling autoredirect
[Mon Jul 22 18:50:30 2019] [LLNG:65037] [debug] Building redirection to https://auth.openid.club//totp2fcheck
Maybe same bug as above, there is a persistent redirection to /totp2fcheck