SAML: fix login/logout issues with OKTA #3082

dasgarner · 2023-08-03T16:50:09Z

Two problems:

RelayState is empty, which is interpreted as valid
SLO could (should? its unclear) complete the logout on the Xibo side before redirecting to the IDP

* Middleware: IDE help for getContainer * SAML support for OKTA (#1963) relates to xibosignage/xibo#3082 * Widget: duration not calculated correctly for dataset/menuboard due to upper/lower limits. Refactor calculation duration. * Editor preview, fix js error. * Widget: calculate itemsPerPage for save elements. relates to xibosignageltd/xibo-private#365 * Layout Import relates to xibosignageltd/xibo-private#384 - ignore widgets for modules which don't exist in the CMS - DataSet don't test formulas - fix heading validation message * Layout: sortable search

* SAML support for OKTA (#1963) relates to xibosignage/xibo#3082 Dependabot: * Bump league/oauth2-server from 8.3.5 to 8.4.2 (#1960) * Bump tough-cookie, less and @cypress/request (#1961) * Bump semver from 5.5.0 to 5.7.2 (#1906) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump league/oauth2-server from 8.3.5 to 8.4.2 (#1960) Bumps [league/oauth2-server](https://github.com/thephpleague/oauth2-server) from 8.3.5 to 8.4.2. - [Release notes](https://github.com/thephpleague/oauth2-server/releases) - [Changelog](https://github.com/thephpleague/oauth2-server/blob/8.4.2/CHANGELOG.md) - [Commits](thephpleague/oauth2-server@8.3.5...8.4.2) --- updated-dependencies: - dependency-name: league/oauth2-server dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * SAML support for OKTA (#1963) relates to xibosignage/xibo#3082 * Bump tough-cookie, less and @cypress/request (#1961) Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) to 4.1.3 and updates ancestor dependencies [tough-cookie](https://github.com/salesforce/tough-cookie), [less](https://github.com/less/less.js) and [@cypress/request](https://github.com/cypress-io/request). These dependencies need to be updated together. Updates `tough-cookie` from 2.4.3 to 4.1.3 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v2.4.3...v4.1.3) Updates `less` from 3.11.1 to 3.13.1 - [Release notes](https://github.com/less/less.js/releases) - [Changelog](https://github.com/less/less.js/blob/master/CHANGELOG.md) - [Commits](less/less.js@v3.11.1...v3.13.1) Updates `@cypress/request` from 2.88.10 to 2.88.12 - [Release notes](https://github.com/cypress-io/request/releases) - [Changelog](https://github.com/cypress-io/request/blob/master/CHANGELOG.md) - [Commits](cypress-io/request@v2.88.10...v2.88.12) --- updated-dependencies: - dependency-name: tough-cookie dependency-type: indirect - dependency-name: less dependency-type: direct:production - dependency-name: "@cypress/request" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump semver from 5.5.0 to 5.7.2 (#1906) Bumps [semver](https://github.com/npm/node-semver) from 5.5.0 to 5.7.2. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.5.0...v5.7.2) --- updated-dependencies: - dependency-name: semver dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump word-wrap from 1.2.3 to 1.2.4 (#1921) Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4. - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.4) --- updated-dependencies: - dependency-name: word-wrap dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Interactive: make sure notifyByLayoutCode checks for scheduled actions. (#1989) xibosignage/xibo#3086 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Peter <peter@xibosignage.com>

fixes xibosignage/xibo#3082 This was reviewed previously and lost when force pushing for 4.0.0

dasgarner added this to the 3.3.7 milestone Aug 3, 2023

dasgarner self-assigned this Aug 3, 2023

dasgarner added a commit to dasgarner/xibo-cms that referenced this issue Aug 3, 2023

SAML: changes for OKTA xibosignage/xibo#3082

b92b9c9

dasgarner added a commit to dasgarner/xibo-cms that referenced this issue Aug 4, 2023

SAML: changes for OKTA, after testing. xibosignage/xibo#3082

9ff38ab

dasgarner added a commit to xibosignage/xibo-cms that referenced this issue Aug 4, 2023

SAML support for OKTA (#1963)

8a77268

relates to xibosignage/xibo#3082

dasgarner added a commit to dasgarner/xibo-cms that referenced this issue Aug 4, 2023

SAML support for OKTA (xibosignage#1963)

bdd1ad2

relates to xibosignage/xibo#3082

dasgarner closed this as completed Aug 7, 2023

dasgarner added a commit to xibosignage/xibo-cms that referenced this issue Sep 11, 2023

SAML changes for OKTA (for 3.3) (#2045)

d6749f9

fixes xibosignage/xibo#3082 This was reviewed previously and lost when force pushing for 4.0.0

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SAML: fix login/logout issues with OKTA #3082

SAML: fix login/logout issues with OKTA #3082

dasgarner commented Aug 3, 2023

SAML: fix login/logout issues with OKTA #3082

SAML: fix login/logout issues with OKTA #3082

Comments

dasgarner commented Aug 3, 2023