Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
In some sites, it could be confusing for some users being asked if they want to login "just this time" or if they want to login "always".
I'm attaching a patch to enable/disable the possibility to skip the openid_provider_form and avoid the question.
Comment | File | Size | Author |
---|---|---|---|
#4 | openid_provider_automatic_signin_for_trusted_sites.patch | 1.47 KB | markwk |
#2 | 1217826-2.patch | 1.6 KB | lelizondo |
#1 | 1217826.patch | 1.61 KB | lelizondo |
Comments
Comment #1
lelizondo CreditAttribution: lelizondo commentedAnd the patch
Comment #2
lelizondo CreditAttribution: lelizondo commentedThe patch in #1 is not working, use this one.
Comment #3
anarcat CreditAttribution: anarcat commentedA little bit of review.
Sounds redundant - "automatic redirection" is always "without asking", isn't it? :)
Watch out for extra whitespace in your patch.
Don't use an extra variable here, just test if (variable_get(..)). Also, need a space after that if statement.
Do we really need to save that here? Can't we just bypass the checks?
I guess that would be my main objection to this patch - I would prefer if that setting wouldn't be persistent in two places in the database - if it is enabled, I would expect the users settings to *not* be saved to the database. Exposing the user to the database internals also doesn't seem very usable, so at the very least I would make it so that the table is effectively cleared when the setting is disabled again. But even that is too crude a solution.
Let's just not save the setting please.
I otherwise agree with the feature in principle.
Comment #4
markwk CreditAttribution: markwk commentedI didn't see this patch / feature earlier should I built my own feature that ties in the openid_sso_provider module. Here's the patch to provide the automatic login.
Comment #5
paranojik CreditAttribution: paranojik commentedI think this #314781 is the issue where most of the work has already been done. We may close this as duplicate. (?)
Comment #6
anarcat CreditAttribution: anarcat commentedIndeed, see #314781: Access rules for realms, even though I think the two features could be orthogonal.
Comment #7
markwk CreditAttribution: markwk commentedI'm a bit behind on this issue. It's been awhile. Why wouldn't this approach about allowing certain sites as automatically accepted?
Comment #8
anarcat CreditAttribution: anarcat commentedI think you're missing a verb there. ;) I don't understand what you mean...
Comment #9
markwk CreditAttribution: markwk commentedWhat I mean is: Why wouldn't this approach about allowing certain sites as automatically accepted work?
Comment #10
anarcat CreditAttribution: anarcat commentedI am not saying it wouldn't work, i am saying it overlaps with the work done in #314781: Access rules for realms. Furthermore from what I can tell your patch depends on a third party table that is not created by the openid_provider module, so it just wouldn't work by itself.