You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Apparently omniauth v1.1.1 now has a "state" param that is used for CSRF checks. This breaks the code in SSO callback. A downgrade to v1.1.0 solves this but we need to fix this for the upgrade.
Omniauth v1.1.1 with omniauth-oauth2 gem creates problems.
http://blog.joshsoftware.com/2010/12/16/multiple-applications-with-devise-omniauth-and-single-sign-on/#comment-5559
Apparently omniauth v1.1.1 now has a "state" param that is used for CSRF checks. This breaks the code in SSO callback. A downgrade to v1.1.0 solves this but we need to fix this for the upgrade.
https://gist.github.com/1d9dcceebeb0e50046f4 shows the callback with state param and this links talks about the state param omniauth/omniauth-oauth2#18
The text was updated successfully, but these errors were encountered: