Allow new SSO logins in "deny" mode (!19) · Merge requests · obs / open-build-service · GitLab

Snippets Groups Projects

Merged Andrej Shadura requested to merge allow-sso-in-deny-mode into collabora/staging 3 years ago

The can_register check is actually only suitable for preventing new unverified registrations; in SSO mode, we normally trust the SSO provider have performed the checks and only gives us users we’re supposed to let in.

Ideally, this should be a separate set of settings to allow e.g. optionally requiring confirmation on SSO logins or to configure different levels of trust per SSO provider.

Activity

Sjoerd Simons added 2 commits 3 years ago
added 2 commits

c743b6a3 - 1 commit from branch collabora/staging

fca80a4d - Allow new SSO logins in "deny" mode

Compare with previous version
Sjoerd Simons enabled an automatic merge when the pipeline for fca80a4d succeeds 3 years ago

enabled an automatic merge when the pipeline for fca80a4d succeeds
Sjoerd Simons merged 3 years ago

merged

Please register or sign in to reply