Okta | Remove "fallback" option for apps #2451
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
raphaelkabo
approved these changes
Oct 23, 2023
…eded, or implemented
coldlink
force-pushed
the
mm/remove-fallback
branch
from
cd2e46f to
3572348
Compare
coldlink
requested review from
guardian-ci
and removed request for
guardian-ci
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this change?
The fallback option was considered as part of the initial Okta integration with Native Apps in order to provide an option for apps to still authenticate even if the Okta Hosted Sign In page interception code was to fail.
However this was never implemented in apps as we were unable to get this to work, a lack of resources, the fact that the interception code proved remarkably stable, and now that we've removed SSO option on iOS this will not be possible to implement anyway. We'd already marked the option as deprecated a while back: #2210
So this PR removes all the related fallback code, from the
force_fallbacktesting implementation on the interception code, to the apple site association file, and the OAuth callback route where the fallback was implemented, along with any related documentation to avoid confusion.