serverpack: Refactor multiauth sso cookie on validate principal

2026-01-13 14:32:39 +01:00
parent ed08980df3
commit b879555e6a
1 changed files with 5 additions and 4 deletions
--- a/src/ServerPack/src/MultiAuth.fs
+++ b/src/ServerPack/src/MultiAuth.fs
@@ -249,10 +249,11 @@ let ssoCookieOptions (settings: MultiAuthSettings) (o: CookieAuthenticationOptio
    o.ExpireTimeSpan <- TimeSpan.FromHours settings.sso.ttl
    o.Events.OnValidatePrincipal <-
        fun ctx ->
-            if ctx.Principal.HasClaim(fun x -> x.Type = "impersonating") then
-                Task.FromResult ()
-            else
-                updatePrincipalContext settings.oidc ctx
+            task {
+                let isImpersonating = ctx.Principal.HasClaim(fun x -> x.Type = "impersonating")
+                if not isImpersonating then
+                    do! updatePrincipalContext settings.oidc ctx
+            }

 let oidOptions (settings: MultiAuthSettings) (o: OpenIdConnectOptions) =
    o.Authority <- settings.oidc.issuer