Login redirect during sso provider login

On my site, lets say example.com, I have a link to my discourse site with a sso payload. For example discourse.com/session/sso_provider?sso=afjakfj&sig=sdjfsdkfj. After the user clicks this link, If the user is not logged on to Discourse, the user is first redirected to the discourse.com/login. When the user successfully enters their username and password, there is an ajax request in the background to the return_sso_url stored in the payload; the page then proceeds to redirect the user to the index of discourse.com. I expect the user to be redirected back to example.com.

For background see Using the Discourse SSO provider feature.

4 Likes

@techAPJ can you give fixing this a shot, its a bit tricky but testable in an integration test

3 Likes

Any progress here? @techAPJ

Okay, fixed this bug (finally!) :turtle:

https://github.com/discourse/discourse/commit/c28843e87bb8d4fc94124a4d530acc988d60e579

Verified the code by testing against PHP scripts created by @paxmanchris (thanks!) :gift:

4 Likes