Open martynaslawinska opened 3 years ago
Tagging @aliaksander-samuseu as the original author
@yuriyz
This is an old issue. Can I request you to see if this is still relevant and add priority
, effort
labels if you can?
I guess we should take it further and introduce dedicated json attribute to session to store all previous parameters. It's not first time I see this problem. We are workarounding it but we can do it better.
aliaksander-samuseu commented on May 21, 2019 Suggested in ticket 6911 by a partner, adding here per Yuriy's decision. Their original problem was that when an authz request comes which includes "prompt=login" parameter, it's impossible to recover previous session's context from a custom auth script as previous session is destroyed before it's executed, and thus it's impossible to learn which acr was associated with that previous session.
Quoting their suggestion: