Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not verify identity cookie when processing required actions #19459

Merged
merged 1 commit into from
Mar 31, 2023
Merged

Do not verify identity cookie when processing required actions #19459

merged 1 commit into from
Mar 31, 2023

Conversation

pedroigor
Copy link
Contributor

@pedroigor pedroigor commented Mar 31, 2023
edited
Loading

Closes #17539

  • Only check if the user is logged in when requests have the authentication session cookie set. When set, it indicates the authentication is still happening.
  • Missing test coverage when there is no authentication session cookie but the identity cookie is still valid and maps to an existing user session. In this case, the server should continue with the required action without complaining about "user logged in" as there is no authentication/action yet happening.

@pedroigor pedroigor requested review from a team as code owners March 31, 2023 00:38
@pedroigor pedroigor requested a review from a team March 31, 2023 00:38
@pedroigor pedroigor requested a review from a team as a code owner March 31, 2023 00:38
@pedroigor pedroigor requested a review from mposolda March 31, 2023 00:40
@pedroigor pedroigor mentioned this pull request Mar 31, 2023
Closed
@ghost ghost added the flaky-test label Mar 31, 2023
@ghost ghost mentioned this pull request Mar 31, 2023
Closed
@mposolda mposolda merged commit 6086201 into keycloak:main Mar 31, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mposolda mposolda mposolda approved these changes

Assignees
No one assigned
Labels
flaky-test team/cloud-native
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Stepup issue on "remember_me" authentication : alreadyLoggedIn
2 participants
@pedroigor @mposolda