Closed Bug 1557779 Opened 1 year ago Closed 1 year ago

OAuth flow broken when user is not already logged in *and* uses duo auth

Categories

(bugzilla.mozilla.org :: General, defect)

Production
defect
Not set
normal

Tracking

()

RESOLVED FIXED

People

(Reporter: dylan, Assigned: dkl)

Details

Attachments

(1 file)

46 bytes, text/x-github-pull-request
Details | Review

This is bug is because we redirect even when we shouldn't.

During the mfa token flow, the following code should not run:

  if ($C->session->{override_login_target}) {
    my $mojo_url = Mojo::URL->new($C->session->{override_login_target});
    $mojo_url->query($C->session->{cgi_params});
    $C->redirect_to($mojo_url);
  }
Assignee: nobody → dkl
Status: NEW → ASSIGNED
Attached file GitHub Pull Request

Merged to master.

Status: ASSIGNED → RESOLVED
Closed: 1 year ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.