italia / eudi-wallet-it-python

Python toolchain for building an OpenID4VP RP with a SATOSA backend compliant with the Italian Wallet implementation profile
Apache License 2.0

pre auth endpoint must check the session state and the previous authn session #109

Closed peppelinux closed 2 days ago

peppelinux commented 1 year ago

We need to filter out the requests that land on the disco page without having been processed through a SAML2/OIDC frontend.

This is required for both UX and security.
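
The check described in this issue, as an added example that is not the project's own code: the pre-auth (disco) endpoint admits a request only if it carries a state value that a SAML2/OIDC frontend's `start_auth` minted, that is still within its lifetime, and that has not already been consumed. The in-memory store, the `id` query-parameter name, the `(status, message)` return shape, the TTL and the `ManualClock` helper are all assumptions made for the illustration; a real SATOSA backend would return `Response` objects and use its configured session storage.

```python
import secrets
import time
from dataclasses import dataclass

# Assumed lifetime of a pending authn session, in seconds (not a project value).
SESSION_TTL = 300


@dataclass
class AuthnSession:
    """State recorded when a frontend hands an authn request to the backend."""
    state: str
    created_at: float
    frontend_id: str   # which SAML2/OIDC frontend started the flow
    requester: str     # the SP / RP client that asked for authentication
    finalized: bool = False


class ManualClock:
    """Constructed clock so expiry can be demonstrated deterministically."""
    def __init__(self, now: float):
        self.now = now

    def __call__(self) -> float:
        return self.now


class PreAuthGuard:
    """Minimal stand-in for the backend's session bookkeeping (assumption, not pyeudiw code)."""

    def __init__(self, ttl: float = SESSION_TTL, clock=time.time):
        self._sessions: dict[str, AuthnSession] = {}
        self._ttl = ttl
        self._clock = clock

    def start_auth(self, frontend_id: str, requester: str) -> str:
        # Only this path, reached via a frontend, creates a session. The state is a
        # 256-bit random token, so an unauthenticated caller cannot guess a live one.
        state = secrets.token_urlsafe(32)
        self._sessions[state] = AuthnSession(state, self._clock(), frontend_id, requester)
        return state

    def pre_request(self, query: dict) -> tuple[int, str]:
        # The disco / pre-auth endpoint: refuse anything that did not come through
        # start_auth, has expired, or has already completed.
        state = query.get("id")  # hypothetical parameter name
        if not state:
            return 400, "missing session id"
        sess = self._sessions.get(state)
        if sess is None:
            return 401, "unknown session: request did not pass through a frontend"
        if sess.finalized:
            return 401, "session already used"
        if self._clock() - sess.created_at > self._ttl:
            del self._sessions[state]
            return 401, "session expired"
        return 200, f"continue authn for {sess.requester} via {sess.frontend_id}"

    def finalize(self, state: str) -> None:
        # Mark the session consumed once the authn response has been delivered,
        # so the same state cannot re-enter the disco page.
        sess = self._sessions.get(state)
        if sess is not None:
            sess.finalized = True


def demo() -> list[int]:
    """Walk the endpoint through the cases the issue wants rejected; returns status codes."""
    clock = ManualClock(1000.0)
    guard = PreAuthGuard(clock=clock)
    codes = []
    codes.append(guard.pre_request({})[0])                 # direct hit, no state
    codes.append(guard.pre_request({"id": "forged"})[0])   # state never issued by a frontend
    state = guard.start_auth("saml2_frontend", "https://sp.example")
    codes.append(guard.pre_request({"id": state})[0])      # live, frontend-initiated session
    guard.finalize(state)
    codes.append(guard.pre_request({"id": state})[0])      # replay after completion
    state2 = guard.start_auth("oidc_frontend", "client-1")
    clock.now += SESSION_TTL + 1
    codes.append(guard.pre_request({"id": state2})[0])     # session past its TTL
    return codes


if __name__ == "__main__":
    print(demo())
```

The ordering of the checks matters: existence is tested before expiry so that an attacker probing the endpoint cannot distinguish a never-issued state from an expired one by timing the store cleanup, and the finalized flag is consulted before TTL so a consumed session is rejected even while it is still within its lifetime.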

Zicchio commented 1 week ago

Asking for confirmation.

Is this issue associated with this in-code warning? https://github.com/italia/eudi-wallet-it-python/blob/ac69db481a88842556dc58e849fb6331df2c020f/pyeudiw/satosa/default/openid4vp_backend.py#L179-L182