Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make pkce optional #740

Merged
merged 1 commit into from
Dec 21, 2023
Merged

Make pkce optional #740

merged 1 commit into from
Dec 21, 2023

Conversation

julien-nc
Copy link
Member

closes #735

Some providers like Entrust refuse to show the login page and return those to the code endpoint when PKCE parameters are passed in the login page URL: {"error":"invalid_request","error_description":"Invalid request"}.

This disables PKCE by default. It can be enabled in config.php

@julien-nc
make pkce optional
fe0de68 
Signed-off-by: Julien Veyssier <[email protected]>
@julien-nc julien-nc added the enhancement New feature or request label Dec 21, 2023
nc-fkl
nc-fkl approved these changes Dec 21, 2023
View reviewed changes
Copy link
Contributor

@nc-fkl nc-fkl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good to me

@julien-nc julien-nc merged commit 486b4ec into main Dec 21, 2023
41 checks passed
@julien-nc julien-nc deleted the enh/make-pkce-optional branch December 21, 2023 13:53
@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 5, 2024

Hello there,
Thank you so much for taking the time and effort to create a pull request to our Nextcloud project.

We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process.

Your feedback is valuable to us as we continuously strive to improve our community developer experience. Please take a moment to complete our short survey by clicking on the following link: https://cloud.nextcloud.com/apps/forms/s/i9Ago4EQRZ7TWxjfmeEpPkf6

Thank you for contributing to Nextcloud and we hope to hear from you soon!

@julien-nc julien-nc mentioned this pull request Jan 29, 2024
Merged
@Kranzes
Copy link

Kranzes commented Jan 29, 2024

PKCE should be enabled by default, PKCE is the right way to do OpenID Connect according to the spec. Most Idp's support PKCE I don't think it makes sense to disable PKCE by default because of one flawed ldp. The recent update broke the login functionality for most people I assume.

This was referenced Mar 6, 2024
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nc-fkl nc-fkl nc-fkl approved these changes

@rullzer rullzer Awaiting requested review from rullzer

@juliusknorr juliusknorr Awaiting requested review from juliusknorr

Assignees
No one assigned
Labels
enhancement New feature or request feedback-requested
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Error after updating to 1.3.5
3 participants
@julien-nc @Kranzes @nc-fkl