Open Closed

SSO requires the user to register using the login page #2852


User avatar
0
dmeagor created
  • ABP Framework version: latest
  • UI type: identity server MVC

Abp's SSO implementation is completely broken and requires users to register using the login page. Existing users cannot login by SSO at all. Its a bug that I reported over a year ago and exists on your own website. There isn't even an SSO option on the register page. It is essentially unusable in its current form.

Standard SSO flow would be as below. Do you intend to fix this any time soon, if not how can I do this myself?

SSO authenticated

  • single user email exists
    • Login to matching account
  • multiple user emails exist
    • display tenant selector and login.
  • email does not exist
    • Register new account

Example.


4 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    I agree with you, I have created an Internal issue.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    What's your ABP Framework version?

    I checked.

    • single user email exists
      • Login to matching account
    • email does not exist
      • Register new account

    This is already implemented.

  • User Avatar
    0
    dmeagor created

    Thanks I'll taker another look, it may be that we have made a mistake with the merging of the IDS MVC pages as we have several overrides setup and may be using some outdates files.

    Regarding the flow, I took another bash at designing something that matches how ABP handles tenants.

    For standard logins logins I've moved password to a later page once the tenant is identified, either by the custom tenant handler or by the tenant selection page.

    Are there any plans to implement a tenant selector page like this? This seems like too much custom code to safely add to our project without causing a security issues if we ever failed to merge changes correctly. If not, any idea how best to approach this?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi I will report this feature request back to the team,

Made with ❤️ on ABP v9.1.0-preview. Updated on December 05, 2024, 12:19