mahara-contributors team mailing list archive

Thread
Date

[Bug 1771774] [NEW] No way to bypass externallogin

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: bobthevirus <bobthevirus@xxxxxxxxx>
Date: Thu, 17 May 2018 09:04:18 -0000
Reply-to: Bug 1771774 <1771774@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

When the externallogin setting is turned on, it's impossible to fix
things such as metadata URLs etc which are required for some external
logins to work.

It would be good to be able to pass in a special URL parameter to make
Mahara skip the external login process. Here is a patch which I can push
up to gerrit once someone confirms that the proposed change is useful
and that the url parameter is unique enough:

diff --git a/htdocs/auth/lib.php b/htdocs/auth/lib.php
index 779d080352..4baf2c7875 100644
--- a/htdocs/auth/lib.php
+++ b/htdocs/auth/lib.php
@@ -1171,7 +1171,7 @@ function auth_draw_login_page($message=null, Pieform $form=null) {
     }
 
     $externallogin = get_config('externallogin');
-    if ($externallogin) {
+    if ($externallogin && !isset($_GET['internallogin'])) {
         $externallogin = preg_replace('/{shorturlencoded}/', urlencode(get_relative_script_path()), $externallogin);
         $externallogin = preg_replace('/{wwwroot}/', get_config('wwwroot'), $externallogin);
         redirect($externallogin);

** Affects: mahara
     Importance: Undecided
         Status: New


** Tags: wishlist

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1771774

Title:
  No way to bypass externallogin

Status in Mahara:
  New

Bug description:
  When the externallogin setting is turned on, it's impossible to fix
  things such as metadata URLs etc which are required for some external
  logins to work.

  It would be good to be able to pass in a special URL parameter to make
  Mahara skip the external login process. Here is a patch which I can
  push up to gerrit once someone confirms that the proposed change is
  useful and that the url parameter is unique enough:

  diff --git a/htdocs/auth/lib.php b/htdocs/auth/lib.php
  index 779d080352..4baf2c7875 100644
  --- a/htdocs/auth/lib.php
  +++ b/htdocs/auth/lib.php
  @@ -1171,7 +1171,7 @@ function auth_draw_login_page($message=null, Pieform $form=null) {
       }
   
       $externallogin = get_config('externallogin');
  -    if ($externallogin) {
  +    if ($externallogin && !isset($_GET['internallogin'])) {
           $externallogin = preg_replace('/{shorturlencoded}/', urlencode(get_relative_script_path()), $externallogin);
           $externallogin = preg_replace('/{wwwroot}/', get_config('wwwroot'), $externallogin);
           redirect($externallogin);

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1771774/+subscriptions

Follow ups

[Bug 1771774] Re: Bypass externallogin
From: Cecilia Vela Gurovic, 2019-04-30
[Bug 1771774] Re: Bypass externallogin
From: Kristina Hoeppner, 2019-04-07
[Bug 1771774] Re: No way to bypass externallogin
From: Kristina Hoeppner, 2019-03-23
[Bug 1771774] A change has been merged
From: Mahara Bot, 2019-03-22
[Bug 1771774] Re: No way to bypass externallogin
From: Robert Lyon, 2019-03-22
[Bug 1771774] Re: No way to bypass externallogin
From: Steven, 2019-03-19
[Bug 1771774] Re: No way to bypass externallogin
From: Steven, 2019-03-19
[Bug 1771774] Re: No way to bypass externallogin
From: Robert Lyon, 2019-01-30
[Bug 1771774] A patch has been submitted for review
From: Mahara Bot, 2019-01-30