Autologin when one client enabled

Just posting the MR as patch to use in composer

You don't need to repost as a patch. Just download the MR patch and use ./patches/3011413.patch in your composer patches file.

https://git.drupalcode.org/project/openid_connect/-/merge_requests/22.patch

Fixed undefined classes for 3.X-dev

The latest patch works for me on 3.x

Small addition to the patch in #94: if one of the endpoints are empty, don't attempt auto login.

Changed

foreach ($client->getEndpoints() as $endpoint) {
  if ($endpoint === NULL) {
    return FALSE;
  }
}

to

foreach ($client->getEndpoints() as $endpoint) {
  if (empty($endpoint)) {
    return FALSE;
  }
}

Hi,

Updated new patch. Included claims to retrieve the scopes from client.

Thanks,
Buvaneswaran.

latest (and most here) patches do not adhere to Drupal coding standards. Unclear why these would pass the test bot.

There is a userinfo endpoint option of "Alternate or no endpoint". We are using Azure's Common API (stupid name for an app which acts as a router to multiple AAD tenants). So far we do know of a userinfo endpoint so we picked the no endpoint option; but then this would leave the endpoint value empty (if filled in, auth fails as it fails trying to access the non-existent endpoint). But, if left empty, this fails the conditions for allowing autologin.

For now we have simply hacked out that condition; but possibly a more thought out solution here? I suspect the thinking was that all the "other" endpoints had to be filled in; but likely not that one.

I modified the patch from #99 to not include userinfo endpoint.

solideogloria → changed the visibility of the branch branch-8.x-1.1 to hidden.

solideogloria → changed the visibility of the branch 2.x to hidden.

solideogloria → changed the visibility of the branch 3.x to hidden.

• I started with patch #94
• I fixed all the coding standards issues that are in the changes (without duplicating the work at 📌 Fix PHPCS errors Needs review ).
• I fixed comment wording

I'm going to look into whether any of the changes after #94 should be included.

MR 98 should be used going forward, as it targets 3.x.

I applied the changes from #103, but with it actually working ($type needed to be added to the for loop).

I have now applied all the requested changes from #94 and after. Please review the changes.

The patch from the MR can be downloaded here. Put it in your project folder and put a reference to ./patches/openid_connect-3011413-mr98.patch or whatever in your composer.patches.json file.

Whenever credit is assigned for this issue, please include:

• rp7 →
• cbuvaneswaran →
• liquidcms →

Bit less strict with endpoints as only authorization is used during login

I addressed the feeback in the 3.x merge request and added a new functional test to validate this functionality. If someone can check the code/test the functionality, I can work on getting this merged.

Addressed the MR feedback. Marking as needs review.

The updated changes still work for me when applied.

All that's left is to look at the thread:

Not sure why you'd want this on user.pass, I'd rather just disable this route.

https://git.drupalcode.org/project/openid_connect/-/merge_requests/98#no...

For anyone updating to alpha6, the MR's .diff file does not apply, but the .patch file DOES apply.

Thanks for the report. I rebased the 3.x branch. Moving this back to ready for review.

pfrilling → changed the visibility of the branch 3011413-autologin-when-one to hidden.

Speaking of the showcore route, there's this issue

Looks good to me.

pfrilling → credited mstrelan → .

Thanks everyone for the feature! I created a followup issue to address the configuration of which routes should redirect here: https://www.drupal.org/project/openid_connect/issues/3507138 ✨ Add setting to enable/disable user login routes from redirecting Active

Automatically closed - issue fixed for 2 weeks with no activity.