- Issue created by @ronaldtebrake
- Status changed to Needs review
10 months ago 7:48am 4 April 2024 - Status changed to Fixed
10 months ago 7:26am 5 April 2024 Automatically closed - issue fixed for 2 weeks with no activity.
Currently, the RedirectSubscriber redirects users to the data policy for all scenario's, regardless if there is no consent to give or if the user already gave consent. There is no way for the oAuth flow to determine whether or not the user already has given consent, as there is no access to perform the entity queries.
For now we're going to skip the redirect if the
So one thing we could do here, since we have access to the current user is check if current user is an instance of Drupal\simple_oauth\Authentication\TokenAuthUserInterface because it tells us that a non-Drupal UI application is making requests and that that application should probably decide whether the redirect the user, if that is the case we can skip it.
Fixed
2.0
Code
Automatically closed - issue fixed for 2 weeks with no activity.