search

iFixit / iFixitAndroid

Official iFixit Android App
https://play.google.com/store/apps/details?id=com.dozuki.ifixit
GNU General Public License v3.0
162 stars 83 forks source link

Fix SAML login error #267

Closed timothyasp closed 7 years ago

timothyasp commented 7 years ago

SAML login for most customers was broken.

The WebView logic that checks for the session cookies returned by the Clients login form was tricked into thinking that it was on the dozuki domain, when really it was still on the SAML login page. This is because we use a "Black List" when deciding if we shouldn't capture and return the cookies. That black list was capturing some false positives due to query params in SAML urls that include the dozuki hostname.

The solution was to make the regex/string-comparison stricter to only look at the first part of the domain, rather than anywhere in the URL string.

BaseInfinity commented 7 years ago

im not an Android expert but the logic looks okay to me CR 👙

djmetzle commented 7 years ago

CR :mag: