BookStack/app/Http
Dan Brown cdef1b3ab0
Updated SAML ACS post to retain user session
Session was being lost due to the callback POST request cookies
not being provided due to samesite=lax. This instead adds an additional
hop in the flow to route the request via a GET request so the session is
retained. SAML POST data is stored encrypted in cache via a unique ID
then pulled out straight afterwards, and restored into POST for the SAML
toolkit to validate.

Updated testing to cover.
2021-10-20 13:34:00 +01:00
..
Controllers Updated SAML ACS post to retain user session 2021-10-20 13:34:00 +01:00
Middleware Applied changes from styleci 2021-10-08 22:23:17 +01:00
Requests Change application namespace to BookStack 2015-09-10 19:31:09 +01:00
Kernel.php Applied changes from styleci 2021-10-08 22:23:17 +01:00
Request.php Apply fixes from StyleCI 2021-06-26 15:23:15 +00:00