Fork Sync Branch 17.0-dev

README.md

@@ -30,7 +30,7 @@ addon | version | maintainers | summary
 [auth_ldaps](auth_ldaps/) | 17.0.1.0.0 |  | Allows to use LDAP over SSL authentication
 [auth_oauth_multi_token](auth_oauth_multi_token/) | 17.0.1.0.0 |  | Allow multiple connection with the same OAuth account
 [auth_oidc](auth_oidc/) | 17.0.1.1.0 | [![sbidoul](https://github.com/sbidoul.png?size=30px)](https://github.com/sbidoul) | Allow users to login through OpenID Connect Provider
-[auth_saml](auth_saml/) | 17.0.1.0.1 | [![vincent-hatakeyama](https://github.com/vincent-hatakeyama.png?size=30px)](https://github.com/vincent-hatakeyama) | SAML2 Authentication
+[auth_saml](auth_saml/) | 17.0.1.0.3 | [![vincent-hatakeyama](https://github.com/vincent-hatakeyama.png?size=30px)](https://github.com/vincent-hatakeyama) | SAML2 Authentication
 [auth_session_timeout](auth_session_timeout/) | 17.0.1.0.1 |  | This module disable all inactive sessions since a given delay
 [auth_signup_verify_email](auth_signup_verify_email/) | 17.0.1.0.0 |  | Force uninvited users to use a good email for signup
 [auth_user_case_insensitive](auth_user_case_insensitive/) | 17.0.1.0.0 |  | Makes the user login field case insensitive

auth_saml/README.rst

@@ -7,7 +7,7 @@ SAML2 Authentication
    !! This file is generated by oca-gen-addon-readme !!
    !! changes will be overwritten.                   !!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-   !! source digest: sha256:ffa8efafb4e4dcf93290b09d3910d691b713c29ca2ba54b6b263a9a4336a49b4
+   !! source digest: sha256:5983d568b4ebbaae513571636a06e69fe04be92d34fb387d48c553be2cbb5aa0
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
 .. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
@@ -96,6 +96,14 @@ Known issues / Roadmap
 Changelog
 =========
 
+17.0.1.0.2 (2025-05-13)
+-----------------------
+
+Bugfixes
+~~~~~~~~
+
+- Avoid redirecting when there is a SAML error.
+
 17.0.1.1.0
 ----------
 

auth_saml/__manifest__.py

@@ -4,7 +4,7 @@
 
 {
     "name": "SAML2 Authentication",
-    "version": "17.0.1.0.1",
+    "version": "17.0.1.0.3",
     "category": "Tools",
     "author": "XCG Consulting, Odoo Community Association (OCA)",
     "maintainers": ["vincent-hatakeyama"],

auth_saml/controllers/main.py

@@ -83,7 +83,7 @@ def _saml_autoredirect(self):
         autoredirect_providers = self.list_saml_providers(True)
         # do not redirect if asked too or if a SAML error has been found
         disable_autoredirect = (
-            "disable_autoredirect" in request.params or "error" in request.params
+            "disable_autoredirect" in request.params or "saml_error" in request.params
         )
         if autoredirect_providers and not disable_autoredirect:
             return werkzeug.utils.redirect(

auth_saml/models/auth_saml_provider.py

@@ -357,7 +357,7 @@ def _hook_validate_auth_response(self, response, matching_value):
         for attribute in self.attribute_mapping_ids:
             if attribute.attribute_name not in attrs:
                 _logger.debug(
-                    "SAML attribute '%s' found in response %s",
+                    "SAML attribute '%s' not found in response %s",
                     attribute.attribute_name,
                     attrs,
                 )

auth_saml/readme/HISTORY.md

@@ -1,3 +1,10 @@
+## 17.0.1.0.2 (2025-05-13)
+
+### Bugfixes
+
+- Avoid redirecting when there is a SAML error.
+
+
 ## 17.0.1.1.0
 
 When using attribute mapping, only write value that changes.