Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-27083

Allow OAUTH IdP redirect when only one provider is defined

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 10.10
    • Fix Version/s: QualifiedToSchedule
    • Component/s: OAuth

      Description

      Currently when setting up OAUTH and having an authentication like: 

          <require>org.nuxeo.ecm.platform.oauth2.openid.auth.contrib</require>
    <extension target="org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService" point="chain">
      <authenticationChain>
        <plugins> 
          <plugin>OPENID_CONNECT_AUTH</plugin>      
        </plugins>
      </authenticationChain>
    </extension>

      It ends with TOO MANY REDIRECTS error.

      An improvement could be to setup a default provider and have Nuxeo automatically redirect to the OAUTH IdP server.

      This for example works fine in a SAML context where the SP can automatically redirect to the IdP if the IdP is first or alone in the authentication chain.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              ffischer Frantz Fischer
              Participants:
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: