feat(oxauth): allow authentication for max_age=0 #1714

Closed
yuriyz opened this issue Sep 2, 2022 · 1 comment
Labels: enhancement (libs update, refactoring, etc.)

yuriyz commented Sep 2, 2022

Describe the issue

Setting the max_age parameter with 0 value in an authorization request doesn't allow the user to log in at all. After the postlogin call the user is redirected back to the login page.

In addition we can introduce disableAuthnForMaxAgeZero with default value false. If true - authn will be disabled.

max_age
OPTIONAL. Maximum Authentication Age. Specifies the allowable elapsed time in seconds since the last time the End-User was actively authenticated by the OP. If the elapsed time is greater than this value, the OP MUST attempt to actively re-authenticate the End-User. (The max_age request parameter corresponds to the OpenID 2.0 PAPE [OpenID.PAPE] max_auth_age request parameter.) When max_age is used, the ID Token returned MUST include an auth_time Claim Value.

Expected behavior

Setting the max_age parameter with 0 value in an authorization request enables the user to log in.

Actual behavior

Setting the max_age parameter with 0 value in an authorization request doesn't allow the user to log in at all. After the postlogin call the user is redirected back to the login page.

Support: 10742

yuriyz commented Sep 13, 2022

Done in #1718

yuriyz closed this as completed Sep 13, 2022
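
The redirect loop described in this issue, reproduced in a simplified model (an added example, not oxAuth code and not part of the issue thread). It assumes the loop comes from re-applying the max_age rule on the pass right after login; `Session`, `decide_naive`, `decide`, `run_flow` and the request-id binding are hypothetical names, and treating `disableAuthnForMaxAgeZero=true` as refusing the request is an interpretation of the proposal.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Session:
    auth_time: int                           # epoch seconds of the last active login
    login_for_request: Optional[str] = None  # authorization request this login was done for

def decide_naive(session, max_age, now, request_id=None):
    """Applies the spec rule on every pass, including the one right after login."""
    if session is None:
        return "login"
    if max_age is not None and now - session.auth_time > max_age:
        return "login"   # with max_age=0 any elapsed second lands here again
    return "issue"

def decide(session, max_age, now, request_id, disable_authn_for_max_age_zero=False):
    """Same rule, but a login performed for this very request counts as fresh."""
    if max_age == 0 and disable_authn_for_max_age_zero:
        return "reject"  # assumption: "authn will be disabled" modelled as a refusal
    if session is None:
        return "login"
    if session.login_for_request == request_id:
        return "issue"   # user just re-authenticated for this request
    if max_age is not None and now - session.auth_time > max_age:
        return "login"   # a login done for another request does not satisfy max_age
    return "issue"

def run_flow(decider, max_age, request_id="req-1", start=1_000, max_redirects=5):
    """Simulate authorize -> login -> post-login authorize.

    Returns (outcome, number_of_logins, auth_time for the ID Token).
    """
    # Constructed starting state: an SSO session authenticated 10 minutes ago.
    session, now, logins = Session(auth_time=start - 600), start, 0
    for _ in range(max_redirects):
        outcome = decider(session, max_age, now, request_id)
        if outcome != "login":
            return outcome, logins, session.auth_time
        logins += 1
        now += 2         # credentials submitted, then the post-login pass 1s later
        session = Session(auth_time=now - 1, login_for_request=request_id)
    return "loop", logins, session.auth_time

if __name__ == "__main__":
    print("naive, max_age=0:", run_flow(decide_naive, 0))
    print("fixed, max_age=0:", run_flow(decide, 0))
```

Binding the fresh login to the request id keeps the guarantee that matters to the relying party: a later max_age=0 request still forces a new login, and the returned `auth_time` is the value the ID Token must carry.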