Skip to content

Fix(OidcInitiator): prevent lti_message_hint from being duplicated#216

Open
murtazasultani wants to merge 2 commits into
oat-sa:masterfrom
murtazasultani:fix/oidcinitiator-statepayload
Open

Fix(OidcInitiator): prevent lti_message_hint from being duplicated#216
murtazasultani wants to merge 2 commits into
oat-sa:masterfrom
murtazasultani:fix/oidcinitiator-statepayload

Conversation

@murtazasultani

@murtazasultani murtazasultani commented Feb 12, 2026
edited by coderabbitai Bot
Loading

Copy link
Copy Markdown

See issue details here: #214

Summary by CodeRabbit

  • Bug Fixes
    • Improved OIDC sign-in initialization by correcting how sign-in message fields are handled, ensuring message hints are preserved and included in the returned payload.
    • This change increases compatibility and reliability during external authentication handshakes, reducing failed or misrouted sign-in attempts.

@coderabbitai

coderabbitai Bot commented Feb 12, 2026
edited
Loading

Copy link
Copy Markdown

Walkthrough

Extracted lti_message_hint from incoming OIDC parameters, removed it from the parameters used for CLAIM_PARAMETERS, and returned the hint in the payload from the extracted variable; no control-flow or error-handling changes.

Changes

Cohort / File(s) Summary
OIDC Initiation
src/Security/Oidc/OidcInitiator.php		 Extracted lti_message_hint into a local variable, removed it from the parameters assigned to CLAIM_PARAMETERS, and used the extracted variable as the source for the returned lti_message_hint. No other logic changes.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Title check ✅ Passed The title accurately describes the main change: preventing lti_message_hint duplication in OidcInitiator, which aligns with the commit message and code modifications.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@murtazasultani murtazasultani changed the title Fix(OidcInitiator): remove unnecessary params from statePayload Fix(OidcInitiator): prevent lti_message_hint from being duplicated in statePayload Feb 12, 2026
@murtazasultani murtazasultani changed the title Fix(OidcInitiator): prevent lti_message_hint from being duplicated in statePayload Fix(OidcInitiator): prevent lti_message_hint from being duplicated Feb 12, 2026
@murtazasultani

murtazasultani commented Mar 2, 2026

Copy link
Copy Markdown
Author

Could you please review this? @wazelin @ekkinox

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@murtazasultani