OAuth2 SSO w/ SSO Provider Doesn't set the redirect?

I think this may be a similar occurrence of this issue from a couple years ago: Discourse doesn't redirect to return_sso_url after user logs in on private site

I’ve got a Rails app that uses omniauth-discourse as a login method, which works well.
Then my Discourse instance uses SSO to another app I maintain.
In this way, Discourse is my SSO Provider, but it’s also using SSO with a different app.

When a user is already logged into Discourse, the redirect back to the original app works great.
When a user is not already logged in, they are directed to the SSO flow, but the return URL is always set as return_sso_url=https://forum.snap.berkeley.edu/session/sso_login. It seems that this should be the original request URL, no?

  • User clicks on the sign in button in the first app, that redirects them to a URL which ultimately looks like this: https://forum.snap.berkeley.edu/session/sso_provider?sso=nonce=4...f&return_sso_url=https://www.snapcon.org/accounts/auth/discourse/callback &sig=1...6 (I decoded it for clarity)
  • Discourse, then redirects to the second app’s Discourse endpoint: https://snap.berkeley.edu/api/v1/discourse-sso?sig=f...d&sso=nonce=6...1&return_sso_url=https://forum.snap.berkeley.edu/session/sso_login
  • User logs in, but is only taken to the forum homepage.

Is there a work-around, or is this something that could be addressed in an update?

I do recognize I’m just using Discourse as a proxy, but right now it’s the best tool I’ve for integrating these two applications.