I think this may be a similar occurrence of this issue from a couple years ago: Discourse doesn't redirect to return_sso_url after user logs in on private site
I’ve got a Rails app that uses omniauth-discourse as a login method, which works well.
Then my Discourse instance uses SSO to another app I maintain.
In this way, Discourse is my SSO Provider, but it’s also using SSO with a different app.
When a user is already logged into Discourse, the redirect back to the original app works great.
When a user is not already logged in, they are directed to the SSO flow, but the return URL is always set as
return_sso_url=https://forum.snap.berkeley.edu/session/sso_login. It seems that this should be the original request URL, no?
- User clicks on the sign in button in the first app, that redirects them to a URL which ultimately looks like this:
https://forum.snap.berkeley.edu/session/sso_provider?sso=nonce=4...f&return_sso_url=https://www.snapcon.org/accounts/auth/discourse/callback &sig=1...6(I decoded it for clarity)
- Discourse, then redirects to the second app’s Discourse endpoint:
- User logs in, but is only taken to the forum homepage.
Is there a work-around, or is this something that could be addressed in an update?
I do recognize I’m just using Discourse as a proxy, but right now it’s the best tool I’ve for integrating these two applications.