Loading patches/034-oidc-bearer-token-auth.patch +13 −0 Original line number Diff line number Diff line Loading @@ -17,3 +17,16 @@ // Allow to use the current session if a CSRF token is provided if ($this->request->passesCSRFCheck()) { --- CORSMiddleware.php 2024-04-08 08:53:20.410444998 +0530 +++ CORSMiddleware-new.php 2024-04-08 17:49:15.942402353 +0530 @@ -93,6 +93,10 @@ (!$this->hasAnnotationOrAttribute($reflectionMethod, 'PublicPage', PublicPage::class) || $this->session->isLoggedIn())) { $user = array_key_exists('PHP_AUTH_USER', $this->request->server) ? $this->request->server['PHP_AUTH_USER'] : null; $pass = array_key_exists('PHP_AUTH_PW', $this->request->server) ? $this->request->server['PHP_AUTH_PW'] : null; + + if ($this->session->getSession() instanceof ISession && $this->session->getSession()->exists('is_oidc')) { + return; + } // Allow to use the current session if a CSRF token is provided if ($this->request->passesCSRFCheck()) { Loading
patches/034-oidc-bearer-token-auth.patch +13 −0 Original line number Diff line number Diff line Loading @@ -17,3 +17,16 @@ // Allow to use the current session if a CSRF token is provided if ($this->request->passesCSRFCheck()) { --- CORSMiddleware.php 2024-04-08 08:53:20.410444998 +0530 +++ CORSMiddleware-new.php 2024-04-08 17:49:15.942402353 +0530 @@ -93,6 +93,10 @@ (!$this->hasAnnotationOrAttribute($reflectionMethod, 'PublicPage', PublicPage::class) || $this->session->isLoggedIn())) { $user = array_key_exists('PHP_AUTH_USER', $this->request->server) ? $this->request->server['PHP_AUTH_USER'] : null; $pass = array_key_exists('PHP_AUTH_PW', $this->request->server) ? $this->request->server['PHP_AUTH_PW'] : null; + + if ($this->session->getSession() instanceof ISession && $this->session->getSession()->exists('is_oidc')) { + return; + } // Allow to use the current session if a CSRF token is provided if ($this->request->passesCSRFCheck()) {