IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

DEV: Require sso and sig query string params for sso_login

Browse Source
This commit is contained in:
Vinoth Kannan
2018-10-12 05:03:30 +05:30
parent 2502a3f780
commit 39b7e32848
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/controllers/session_controller.rb
View File

@@ -108,6 +108,9 @@ class SessionController < ApplicationController
def sso_login
raise Discourse::NotFound.new unless SiteSetting.enable_sso
params.require(:sso)
params.require(:sig)
sso = DiscourseSingleSignOn.parse(request.query_string)
if !sso.nonce_valid?
if SiteSetting.verbose_sso_logging