Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Some identity providers provide tokens using POST parameters rather than url encoded GET parameters.
This is the recommended mode if using Azure's OpenID Connect.
The attached patch changes OpenIDConnectRedirectController.php to support both POST and GET.
Comment | File | Size | Author |
---|---|---|---|
#7 | openid_connect-support_form_post-2984506-1-07.patch | 3.52 KB | slasher13 |
#2 | openid_connect-support_form_post-2984506-1-D8.patch | 3.44 KB | drasgardian |
Comments
Comment #2
drasgardian CreditAttribution: drasgardian at Eighty Options commentedpatch attached.
Comment #3
Mario SteinitzThank you for your patch. I had a quick review and don't see a reason, why incoming POST responses should not be supported.
As your patch does not include any breaking changes,
+1 for RTBC.
Comment #4
eiriksmThere is one coding standard error in the patch: There should be no blank line after an inline comment.
Other than that, looks great!
Comment #5
finneI can confirm this works fine in our project.
Comment #6
b2f CreditAttribution: b2f at Axess Open Web Services commentedAlso confirmed to work here with hybrid authentication flow and user infos stored in the id_token (from https://www.drupal.org/project/openid_connect/issues/2965594)
Comment #7
slasher13re-roll
Comment #8
jcnventura CreditAttribution: jcnventura at 1xINTERNET commentedWithout an interdiff, this loses RTBC.
Comment #9
slasher13It's a clean re-roll without changes.
Comment #11
jcnventura CreditAttribution: jcnventura at 1xINTERNET commented