This repository has been archived by the owner on Apr 26, 2024. It is now read-only.
Consent flow skipped during SSO user registration if username is left at default #10732
Labels
A-Social Login
Login via external identity providers
S-Minor
Blocks non-critical functionality, workarounds exist.
T-Defect
Bugs, crashes, hangs, security vulnerabilities, or other reported issues.
Comments
4 tasks
reivilibre
added
S-Minor
richvdh
pushed a commit
that referenced
this issue
Sep 10, 2021
Fixes #10732: consent flow skipped during SSO user registration if username is left at default Signed-off-by: Andrew Ferrazzutti fair@miscworks.net
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Description
When using an SSO mapping provider that automatically sets a new user's mxid localpart (as opposed to prompting the user to choose it), then requiring consent tracking on new user registration doesn't work: registering a new user via SSO does not prompt for consent & lets the registration finish as if consent was not required.
Steps to reproduce
Expected results: The registration flow should eventually open a webpage at
/_matrix/consentand not register a new user until the consent form on that page has been submitted.Actual results: The registration will complete without prompting for consent, as if
user_consent.require_at_registrationwas not set. Other consent configurations still take affect, though, such asuser_consent.block_events_error.Version information
If not matrix.org:
Version: 1.41.1
Install method: git clone
The text was updated successfully, but these errors were encountered: