FIX: redirects back to origin for SSO and omniauth login
This commit is contained in:
parent
2f8c14fef1
commit
e6fcaadd45
|
@ -11,15 +11,17 @@ class SessionController < ApplicationController
|
|||
end
|
||||
|
||||
def sso
|
||||
return_path = if params[:return_path]
|
||||
params[:return_path]
|
||||
elsif session[:destination_url]
|
||||
uri = URI::parse(session[:destination_url])
|
||||
"#{uri.path}#{uri.query ? "?" << uri.query : ""}"
|
||||
else
|
||||
path('/')
|
||||
destination_url = cookies[:destination_url] || session[:destination_url]
|
||||
return_path = params[:return_path] || path('/')
|
||||
|
||||
if destination_url && return_path == path('/')
|
||||
uri = URI::parse(destination_url)
|
||||
return_path = "#{uri.path}#{uri.query ? "?" << uri.query : ""}"
|
||||
end
|
||||
|
||||
session.delete(:destination_url)
|
||||
cookies.delete(:destination_url)
|
||||
|
||||
if SiteSetting.enable_sso?
|
||||
sso = DiscourseSingleSignOn.generate_sso(return_path)
|
||||
if SiteSetting.verbose_sso_logging
|
||||
|
|
|
@ -20,7 +20,12 @@ class UserApiKeysController < ApplicationController
|
|||
|
||||
unless current_user
|
||||
cookies[:destination_url] = request.fullpath
|
||||
redirect_to path('/login')
|
||||
|
||||
if SiteSetting.enable_sso?
|
||||
redirect_to path('/session/sso')
|
||||
else
|
||||
redirect_to path('/login')
|
||||
end
|
||||
return
|
||||
end
|
||||
|
||||
|
|
|
@ -39,10 +39,15 @@ class Users::OmniauthCallbacksController < ApplicationController
|
|||
@auth_result = authenticator.after_authenticate(auth)
|
||||
|
||||
origin = request.env['omniauth.origin']
|
||||
if cookies[:destination_url].present?
|
||||
origin = cookies[:destination_url]
|
||||
cookies.delete(:destination_url)
|
||||
end
|
||||
|
||||
if origin.present?
|
||||
parsed = URI.parse(@origin) rescue nil
|
||||
parsed = URI.parse(origin) rescue nil
|
||||
if parsed
|
||||
@origin = parsed.path
|
||||
@origin = "#{parsed.path}?#{parsed.query}"
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue