discourse/spec
Matt Marjanović 619d43ea47
FEATURE: Add `prompt=none` functionality to SSO Provider protocol (#22393)
This commit adds support for an optional `prompt` parameter in the
payload of the /session/sso_provider endpoint.  If an SSO Consumer
adds a `prompt=none` parameter to the encoded/signed `sso` payload,
then Discourse will avoid trying to login a not-logged-in user:

 * If the user is already logged in, Discourse will immediately
   redirect back to the Consumer with the user's credentials in a
   signed payload, as usual.

 * If the user is not logged in, Discourse will immediately redirect
   back to the Consumer with a signed payload bearing the parameter
   `failed=true`.

This allows the SSO Consumer to simply test whether or not a user is
logged in, without forcing the user to try to log in.  This is useful
when the SSO Consumer allows both anonymous and authenticated access.
(E.g., users that are already logged-in to Discourse can be seamlessly
logged-in to the Consumer site, and anonymous users can remain
anonymous until they explicitly ask to log in.)

This feature is similar to the `prompt=none` functionality in an
OpenID Connect Authentication Request; see
https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
2023-09-28 12:53:28 +01:00
..
fabricators DEV: convert grant badge modal to component API (#23378) 2023-09-11 13:56:31 +08:00
fixtures SECURITY: Reduce maximum size of SVG sprite cache to prevent DoS 2023-09-12 15:31:28 -03:00
helpers DEV: Update application_helper_spec following 1bd00076 (#23413) 2023-09-05 20:56:03 +01:00
import_export DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00
initializers DEV: Fix test (#22018) 2023-06-08 16:12:13 -05:00
integration DEV: Update the rubocop-discourse gem 2023-06-26 11:41:52 +02:00
integrity DEV: Remove enable_experimental_hashtag_autocomplete logic (#22820) 2023-08-08 11:18:55 +10:00
jobs FEATURE: site settings to revoke api keys older than a number of days (#23595) 2023-09-15 16:31:29 -03:00
lib FEATURE: improve error message when double liking (#23698) 2023-09-28 16:53:48 +10:00
mailers FIX: Order tags shown in email subject by topics count and name (#22586) 2023-07-13 15:39:58 +08:00
migrations DEV: Switch over category settings to new table - Part 3 (#20657) 2023-09-12 09:51:49 +08:00
models FEATURE: allow filtering posts report by multiple categories (#23669) 2023-09-26 21:56:47 +05:30
multisite DEV: Add S3 upload system specs using minio (#22975) 2023-08-23 11:18:33 +10:00
requests FEATURE: Add `prompt=none` functionality to SSO Provider protocol (#22393) 2023-09-28 12:53:28 +01:00
script/import_scripts DEV: Fix flaky core backend spec (#22650) 2023-07-18 07:01:19 +08:00
serializers DEV: Include context question for chat reviewables (#23332) 2023-09-05 10:11:39 +08:00
services FIX: Delete fast typer reviewable when deleting user (#23162) 2023-08-21 18:03:03 +08:00
support DEV: Improve `upload_theme` system test helper (#23663) 2023-09-27 11:36:55 +08:00
system FIX: Copy button JS test failures (#23687) 2023-09-27 13:05:27 -04:00
tasks DEV: Do not squash commits in `version_bump:stage_security_fixes` (#23547) 2023-09-12 18:00:42 +01:00
views DEV: Fix random typos (#22078) 2023-06-13 22:02:21 +02:00
rails_helper.rb DEV: Allow Capybara's server port to be configurable (#23606) 2023-09-15 11:46:03 +08:00
regenerate_swagger_docs
swagger_helper.rb DEV: Apply syntax_tree formatting to `spec/*` 2023-01-09 11:49:28 +00:00