Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nested SSO support #249

Open
rentallect opened this issue Jan 26, 2024 · 2 comments
Open

Nested SSO support #249

rentallect opened this issue Jan 26, 2024 · 2 comments
Assignees
@rentallect
Labels
enhancement New feature or request
Milestone
Public Beta Launch

Comments

@rentallect
Copy link
Member

Explore the possibility of reusing the same JWT bearer token ZBR received from the IdP to authenticate onto the Ziti network as also the bearer token used to authenticate/login to a protected web app that supports federated login from the same IdP (e.g. Mattermost web app and 'login with Google')
@rentallect rentallect added the enhancement New feature or request label Jan 26, 2024
@rentallect rentallect added this to the Public Beta Launch milestone Jan 26, 2024
@rentallect rentallect self-assigned this Jan 26, 2024
@canny Canny
Copy link

canny bot commented Apr 27, 2024

This issue has been linked to a Canny post: Add nested SSO support 🎉

@rickwang7712
Copy link

rickwang7712 commented Jul 16, 2024
edited
Loading

Hi @rentallect ,
I implemented nested sso by avoiding code grant parameters being captured by Browzer.
Below please check my implementations:

  1. ziti-browzer-bootstrapper: add rp's callback path whitelist.
  2. ziti-browzer-sw: only consumes code grant params if the path wasn't set as rp's callback path

If my modifications look good to you, please let me know, and I will send the pull requests.

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rentallect rentallect

Labels
enhancement New feature or request
Projects
BrowZer Roadmap
Status: Backlog
Milestone
Public Beta Launch
Development

No branches or pull requests
2 participants
@rentallect @rickwang7712