mirror of
https://github.com/fosrl/pangolin.git
synced 2026-07-09 23:49:47 +02:00
Fix #3099
This commit is contained in:
@@ -736,11 +736,14 @@ export async function verifyResourceSession(
|
||||
}
|
||||
}
|
||||
|
||||
// If headerAuthExtendedCompatibility is activated but no clientHeaderAuth provided, force client to challenge
|
||||
// If headerAuthExtendedCompatibility is activated but no clientHeaderAuth provided, force client to challenge.
|
||||
// Skip the challenge when SSO is also enabled so browsers get the SSO redirect instead of a native Basic
|
||||
// Auth dialog; clients that proactively send Authorization: Basic are still accepted above.
|
||||
if (
|
||||
headerAuthExtendedCompatibility &&
|
||||
headerAuthExtendedCompatibility.extendedCompatibilityIsActivated &&
|
||||
!clientHeaderAuth
|
||||
!clientHeaderAuth &&
|
||||
!sso
|
||||
) {
|
||||
return headerAuthChallenged(res, redirectPath, resource.orgId);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user