author Roeland Jago Douma <roeland@famdouma.nl> 2018-12-17 12:50:32 +0100
committer Roeland Jago Douma <roeland@famdouma.nl> 2018-12-17 12:50:32 +0100
commit 763b52d40270868de55c0763ecc95c7990464413
tree 5f2de8db08ebccdb822ee20416299fb28a4a6ca5
parent c4a9bd11b93a8855a5f303002eecee12dde9d1d6
Fix SAML Client login flow on Apple devices
Because the redirect from the SAML/SSO endpoint is a POST, the lax/strict cookies are not properly sent. Note that it is not strictly required on this endpoint as we do not need the remember me data. Only the real session info is enough. The endpoint is also already protected by a state token.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
-rw-r--r-- core/Controller/ClientFlowLoginController.php 1
1 files changed, 1 insertions, 0 deletions
diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php
index 83bd9faa6c7..7fb89f5ff82 100644
--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@@ -207,6 +207,7 @@ class ClientFlowLoginController extends Controller {
/**
* @NoAdminRequired
* @NoCSRFRequired
+ * @NoSameSiteCookieRequired
* @UseSession
*
* @param string $stateToken
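Review bot: The added `@NoSameSiteCookieRequired` sits next to the existing `@NoCSRFRequired` in this docblock, so the action now runs without either the CSRF check or the SameSite cookie check, and nothing in the docblock says why that is acceptable. The commit message gives the reasoning (the SAML/SSO redirect arrives as a POST, and the endpoint is protected by a state token), but that context is lost once someone reads the controller on its own. Please add a short line to the docblock stating that the state token is the only request-forgery protection left on this action. The method body is not visible in this hunk, so also confirm that `$stateToken` is validated against the session value before any other work is done, and that a missing or mismatched token ends the request.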