Change in SAML password change flow that addresses b/145206636.

Current implementation of SAML password change flow has 2 issues and does not work for Okta IdP:
* Empirically chosen timeout used by Authenticator before communicating injected code on IdP page is too short. As a result injected code sometimes does not know where to send the message back.
* Password scraping does not work for Okta since it is based on the number of scraped passwords and Okta has 2 old (the one used to authenticate is re-typed) and 2 updated (new + verified). As a result code is not able to determine how to change local credentials and asks user for confirmation every time.

2 changes have been introduced in order to address the issue: timeout was extended to 2s and new logic based on password field ids replaces existing logic for Okta.

Bug: 145206636
Change-Id: I0e5083911fd129e4c04e76c07ef5f90cfa5039e0
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1943140
Commit-Queue: Maciek Slusarczyk <mslus@chromium.org>
Reviewed-by: Roman Sorokin [CET] <rsorokin@chromium.org>
Reviewed-by: Xiyuan Xia <xiyuan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#721929}