[pbs-devel] [PATCH proxmox-backup v2 0/2] add support for HttpOnly cookies for OpenID authentication flow
Shannon Sterz
s.sterz at proxmox.com
Thu Aug 7 14:03:07 CEST 2025
these two patches do the following:
1. add a `http-only` parameter to the OpenID login endpoint, so clients
can opt into receive the authentication ticket via a HttpOnly cookie
2. opt the ui dialog into using this new HttpOnly parameter
this should fix a bug where users were instantly logged out again after
a successful OpenID authentication.
changes since v1, thanks @ Mira Limbeck:
- fixed an issue where the open id login endpoint would return a
`ticket_info` field instead of a `ticket-info` field.
Shannon Sterz (2):
api: openid: allow users of openid to opt into the HttpOnly cookies
ui: opt open id authentication flows into the new http only flow
src/api2/access/openid.rs | 346 ++++++++++++++++++++++----------------
www/LoginView.js | 1 +
2 files changed, 206 insertions(+), 141 deletions(-)
--
2.47.2
More information about the pbs-devel
mailing list