FIX: redirects back to origin for SSO and omniauth login

This commit is contained in:
Sam 2016-09-16 13:48:50 +10:00
parent 2f8c14fef1
commit e6fcaadd45
3 changed files with 22 additions and 10 deletions

View File

@ -11,15 +11,17 @@ class SessionController < ApplicationController
end end
def sso def sso
return_path = if params[:return_path] destination_url = cookies[:destination_url] || session[:destination_url]
params[:return_path] return_path = params[:return_path] || path('/')
elsif session[:destination_url]
uri = URI::parse(session[:destination_url]) if destination_url && return_path == path('/')
"#{uri.path}#{uri.query ? "?" << uri.query : ""}" uri = URI::parse(destination_url)
else return_path = "#{uri.path}#{uri.query ? "?" << uri.query : ""}"
path('/')
end end
session.delete(:destination_url)
cookies.delete(:destination_url)
if SiteSetting.enable_sso? if SiteSetting.enable_sso?
sso = DiscourseSingleSignOn.generate_sso(return_path) sso = DiscourseSingleSignOn.generate_sso(return_path)
if SiteSetting.verbose_sso_logging if SiteSetting.verbose_sso_logging

View File

@ -20,7 +20,12 @@ class UserApiKeysController < ApplicationController
unless current_user unless current_user
cookies[:destination_url] = request.fullpath cookies[:destination_url] = request.fullpath
redirect_to path('/login')
if SiteSetting.enable_sso?
redirect_to path('/session/sso')
else
redirect_to path('/login')
end
return return
end end

View File

@ -39,10 +39,15 @@ class Users::OmniauthCallbacksController < ApplicationController
@auth_result = authenticator.after_authenticate(auth) @auth_result = authenticator.after_authenticate(auth)
origin = request.env['omniauth.origin'] origin = request.env['omniauth.origin']
if cookies[:destination_url].present?
origin = cookies[:destination_url]
cookies.delete(:destination_url)
end
if origin.present? if origin.present?
parsed = URI.parse(@origin) rescue nil parsed = URI.parse(origin) rescue nil
if parsed if parsed
@origin = parsed.path @origin = "#{parsed.path}?#{parsed.query}"
end end
end end