Feature #33518: Allow authentication with partial OpenID identifier - TYPO3 Core - TYPO3 Forge

Custom queries

Accessibility
Easy tasks
Forge Triage
JavaScript issues
JavaScript Issues (w/o Epics/Stories)
My open issues
No feedback within 90 days
Open Bugs
Open issues of 10
Recently modified
Regressions
Stabilization Issues
Usability or UX

Watchers (3)

Dmitry Dulepov
Helmut Hummel
Steffen Müller

Actions

Copy link

Feature #33518

closed

Allow authentication with partial OpenID identifier

Added by Xavier Perseguers almost 13 years ago. Updated over 12 years ago.

Status:

Closed

Priority:

Should have

Assignee:

Category:

Miscellaneous

Target version:

Start date:

2012-01-29

Due date:

% Done:

100%

Estimated time:

PHP Version:

Tags:

Complexity:

Sprint Focus:

Description

Currently OpenID authentication requires the user to enter her full OpenID identifier (except for the last "/" which may be omitted):

http://<username>.<some-provider>.<tld>

https://<username>.<some-provider>.<tld>

This patch allows the user to enter only the useful part of this full identifier, namely:

<username>.<some-provider>.<tld>

Files

33518.diff (2.85 KB) 33518.diff

Xavier Perseguers, 2012-01-29 19:51

Related issues 1 (0 open — 1 closed)

Precedes TYPO3 Core - Bug #34439: Open ID login fails

Closed

2012-03-01

Actions

Issue # Delay: days Cancel

History
Notes
Property changes
Associated revisions

Actions

Copy link

Updated by Xavier Perseguers almost 13 years ago

File 33518.diff 33518.diff added
Status changed from New to Needs Feedback

Please find a patch for that. I'd like the security team and Dmitry to have a look at it before hopefully pushing to Gerrit.

Actions

Copy link

Updated by Dmitry Dulepov almost 13 years ago

Writing from iPad, so I did not look into diff. The idea is good but there is one issue. If the identifier contains a path, slash should not be appended. Urls with a slash and without it are different according to rfc. Java urls typically do not have a slash in the end, so appending the slash would break authentication. If that's not the case for the patch, the change should be good.

Actions

Copy link