I work in the public service sector. When we're architecting OAuth2/OIDC integrations we specify using a unique identifier like a guid or some otherwise immutable id as the federation id. This way other attributes that may be ephemeral can change at will. It's not always easy determining this but it's worth it.
I love Digital Ocean, don't get me wrong.
Im just sharing the Bad experience with the "Social Authentication" flow and how long it is taking to solve a simple problem.
This also a heads up for anyone using GitHub as the authentication method.
It's definitely not a simple problem though. Anyone can claim they own your account. And it would be bone-headed to make the re-verification process easy.
I just got an update! Good job Jonathan Leitschuh!
Release notes of 4.4.53932.0709:
Remove local web server
-We are discontinuing the use of a local web server on Mac devices. Following the update, the local web server will be completely removed from the Zoom installation
Option to uninstall Zoom
-Zoom users can now uninstall the Zoom desktop application and all of its components through the settings menu
I can confirm that this vulnerability exists in RingCentral for macOS, version 7.0.136380.0312.
I was taken into Miguel's meeting, but since the host wasn't presented, it simply let me know it was waiting for him (It also had a friendly notice "Your video will turn ON automatically when the meeting starts".
I've changed my settings in Video > Meetings, just like in Zoom, to turn off my vid when joining. Also confirmed that the server is running on port 19424 (via terminal command 'lsof -i :19424').
