OpenID login in TYPO3 >=8.7.31 broken #29
Comments
|
I guess this not really broken in the extension, but you need to configure the new setting of TYPO3 differently. The browsers (foremost Chrome) are enforcing this now. (Albeit they relaxed it again as of yesterday due to COVID-19) |
|
Hey @liayn, thanks for the feedback. I installed a fresh TYPO3 and only added the openid extension. Only default settings. Do I have to do something to make it work with TYPO3 and extension default configuration? If it is not a technical problem maybe we should "solve" this through documentation? |
|
Do you use openid for BE or FE authentication? |
|
I'm sorry, I should have clarified. It's backend only for us. |
|
Check if it helps to modify |
|
Still does not work. I created a completely fresh instance with:
I then clicked through the install wizard and added my OpenID URL to the newly created admin user. When I try to log in to the backend via OpenID it redirects me back to this URL: http://my-lando-app.lndo.site/typo3/index.php?commandLI=setCookie. And shows the error message:
Changing Does this clarify the problem? |
|
I tried my best to analyze the issue, but I fail to do that properly as I do not have an openid provider anymore myself. All usual ones (M$, Google, Mozilla etc) have been shut down. Generally OpenID 2.0 as used here has been superseded by OpenID Connect. |
|
I updated the extension now to include the latest release of the upstream php-openid libaray. Maybe this helps here. |
|
In your return [
'BE' => [
'cookieSameSite' => 'lax',
...
],
];This will be documented. |
|
I'm a little late here, but thanks for the hint. Setting |
This core commit TYPO3/typo3@0d5ae4e introduced the usage of symfony/http-foundation for some cookie handling. This broke the openid extension. 8.7.30 works fine, 8.7.31 and 8.7.32 are broken. My guess would be it has something to do with a $_COOKIE check somewhere, but I did not have the time, jet, to inspect the problem more.
The text was updated successfully, but these errors were encountered: