[FIX] SAML credentialToken removal was preventing mobile from being able to authenticate #14345

Merged
merged 1 commit into from
May 7, 2019

@geekgonecrazy geekgonecrazy commented May 1, 2019

Reverts #13791
This makes both mobile applications not be able to authenticate. So reverting the change.

iOS and Android both send a random token. So we cannot simply stop accepting: https://github.com/RocketChat/Rocket.Chat.Android/pull/1326/files#diff-7274909d551b0d3613c6ba7ef386cfb1R280

@geekgonecrazy geekgonecrazy requested a review from rodrigok May 1, 2019 20:00
@geekgonecrazy geekgonecrazy added this to the 1.0.3 milestone May 1, 2019
@geekgonecrazy geekgonecrazy changed the title Revert "Use SessionId for credential token in SAML request" [FIX] SAML credentialToken preventing mobile from being able to authenticate May 1, 2019
@geekgonecrazy geekgonecrazy changed the title [FIX] SAML credentialToken preventing mobile from being able to authenticate [FIX] SAML credentialToken removal was preventing mobile from being able to authenticate May 1, 2019
@MohammedEssehemy

Can't the mobile app send the connection id in the SAML request instead of the random secret?

geekgonecrazy commented May 2, 2019

I don't know if they can. But if they can't quickly.. this is breaking installs right now. So not really something we should spend much time on.

@RocketChat/android @RocketChat/ios do you guys have access to the connection id? Would you be able to use it instead of a random string?

@RocketChat/core do we see security risks for them relying on connection id?

Doesn't matter too much to me as long as this is fixed on one end or the other.

@rodrigok rodrigok merged commit 436eae8 into develop May 7, 2019
@rodrigok rodrigok deleted the revert-13791-develop branch May 7, 2019 01:30
@rodrigok rodrigok mentioned this pull request May 9, 2019
rodrigok added a commit that referenced this pull request May 10, 2019
* [FIX] New day separator overlapping above system message (#14362)

* Improve German translations (#14351)

* Use the plural for discussions-section in side panel

* Formal and informal translations for 1.0

* fix german typos

* [FIX] Main thread title on replies (#14372)

* fix

* fix test

* fix setting

* Update tests/pageobjects/main-content.page.js

Co-Authored-By: ggazzo <guilhermegazzo@gmail.com>

* Update app/ui-utils/client/lib/RoomHistoryManager.js

Co-Authored-By: ggazzo <guilhermegazzo@gmail.com>

* [FIX] Bell was too small on threads (#14394)

* [FIX] Messages on threads disappearing (#14393)

* fix subscription-changed updating all messages(#14391)

* Fix: Message body was not being updated when user disabled nrr message (#14390)

* [NEW] Allow change Discussion's properties (#14389)

* [FIX] Unnecessary meteor.defer on openRoom (#14396)

* [FIX] more message actions to threads context(follow, unfollow, copy, delete) (#14387)

* added more message actions to threads context

* more actions

* change token name (#14379)

* [FIX] Pressing Enter in User Search field at channel causes reload (#14388)

* Prevent default on enter in User search

* Prevent form submission in membersList

* If using subpath make sure streams use that also for multi-instance.  Fixes #13200 (#14376)

* Revert "[IMPROVE] Use SessionId for credential token in SAML request (#13791)" (#14345)

This reverts commit 3967a74.

* Add fallback to mongo version that doesn't require clusterMonitor role (#14403)

* [FIX] Users actions in administration were returning error (#14400)

* Fix actions collapse into popup in userInfo

* Refactor userActions

* [FIX] Error 400 on send a reply to an old thread (#14402)

* fix error 400 on send a reply to an old thread

* ignoring properly hidden messages

* [FIX] Messages on thread panel were receiving wrong context/subscription  (#14404)

* [FIX] preview pdf its not working (#14419)

* [FIX] renderMessageBody was caching messages in wrong scenarios #14420

* LingoHub Update 🚀 (#14426)

Manual push by LingoHub User: Diego Sampaio.
Project: Rocket.Chat

Made with ❤️ by https://lingohub.com

* [FIX] Mentions message missing 'jump to message' action (#14430)

* fixed context

* threads context

* [FIX] Escape unrecognized slash command message (#14432)

* Add missing german translations (#14386)

* [FIX] IE11 support (#14422)

* Add symlinks to ES6 node_modules imports

* Add URL polyfill for IE11

* Fix thread replies for IE11

* [IMPROVE] allow users to skip activeUsers to be ready (#14431)

* allow users to skip activeUsers to be ready

* Update main.js

* Update app/ui-master/client/main.js

Co-Authored-By: ggazzo <guilhermegazzo@gmail.com>

* [IMPROVE] Don't use regex to find users (#14397)

* Don't use regex to find users

* Invert logic on model methods

* Escape username regex

* Find users in batch

* Use only normalizeMessagesForUser

* Don't ignore username case to get owners on graphql

* Fixes on DAU and MAU aggregations (#14418)

* Fixes on SAU and MAU aggregations

* Report new data from DAU/MAU

* Run tests against a mongodb container in CI

* Try to run CI correctly

* Fix drop database

* Parse desktop app User Agent correctly

* Fix aggregation of past sessions

* Return past month today

* Fix bug

* Add migration

* Fixed migration

* Migration improvements

* Fix crowd sync by using correct logging method (#14405)

* Fix room names in user info dialogs (#14415)

* Fix discussion name being invalid (#14442)

Closes #14378

* Fix i18n files keys sort (#14433)

* Add script to normalize i18n files

* Fix i18n files

* Set as official script

* Update package-lock.json

* fix (#14443)

* Update threads.css

* Bump version to 1.0.3

* regen changelog
@sampaiodiego sampaiodiego mentioned this pull request May 28, 2019
4 participants