[pbs-devel] Superseded: [PATCH proxmox-backup 0/2] add support for HttpOnly cookies for OpenID authentication flow
Shannon Sterz
s.sterz at proxmox.com
Thu Aug 7 14:05:25 CEST 2025
Superseded-by: https://lore.proxmox.com/all/20250807120308.257071-2-s.sterz@proxmox.com/T/#t
On Thu Aug 7, 2025 at 12:49 PM CEST, Shannon Sterz wrote:
> these two patches do the following:
>
> 1. add a `http-only` parameter to the OpenID login endpoint, so clients
> can opt into receive the authentication ticket via a HttpOnly cookie
> 2. opt the ui dialog into using this new HttpOnly parameter
>
> this should fix a bug where users were instantly logged out again after
> a successful OpenID authentication.
>
> Shannon Sterz (2):
> api: openid: allow users of openid to opt into the HttpOnly cookies
> ui: opt open id authentication flows into the new http only flow
>
> src/api2/access/openid.rs | 346 ++++++++++++++++++++++----------------
> www/LoginView.js | 1 +
> 2 files changed, 206 insertions(+), 141 deletions(-)
>
> --
> 2.47.2
More information about the pbs-devel
mailing list