OmniAuth CSRF protection break the Atlassian Crowd provider
Created by: hudecof
Atlassian Crowd is using OmniAuth::Form to build the login form. In the form is missing the CSRF token.
Is there any way how tu push the CSRF token to OmniAuth without patching the OmniAuth provider?
See my hack to get it work on https://github.com/gitlabhq/gitlabhq/issues/1240
I do not think this new feature has been heavy tested and is finished. How could you pass this token to the other providers?