mirror of
https://github.com/fleetdm/fleet
synced 2026-04-21 13:37:30 +00:00
83a886b0ec
**Related issue:** Resolves #41381 # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files) for more information. - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements), JS inline code is prevented especially for url redirects, and untrusted data interpolated into shell scripts/commands is validated against shell metacharacters. ## Testing - [x] Added/updated automated tests - [ ] Where appropriate, [automated tests simulate multiple hosts and test for host isolation](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/reference/patterns-backend.md#unit-testing) (updates to one hosts's records do not affect another) - [ ] QA'd all new/changed functionality manually <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** - Forward end-user authentication context (EUA token) to the Fleet MSI installer and enrollment flow on Windows MDM to avoid duplicate auth prompts and link devices to hosts. * **Tests** - Added comprehensive unit and integration tests for EUA token creation, validation, and processing to improve reliability. * **Documentation** - Added a note describing support for forwarding end-user authentication context during Windows MDM enrollment. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
1 line
No EOL
190 B
Text
1 line
No EOL
190 B
Text
* Added support for passing end-user authentication context to the Fleet MSI installer during Windows MDM enrollment, so end users are not prompted to authenticate twice when EUA is enabled. |