Redirect to requested URL after SSO

bug
1

The Scenario:

We have a private, login required, Discourse installation that is relying on an external php/CodeIgniter site for SSO.
SSO is working to sign in users just fine.

The Problem:

When someone tries to hit a URL on the private Discourse site they’re redirected to the SSO login and hence the login form on the external site immediately.
After login they’re then directed to the root of the Discourse site, not the originally requested URL.
I’ve tried getting the referring url at the SSO endpoint but $_SERVER['HTTP_REFERER']; is empty.

Am I missing something that will allow me to send them back to the originally requested URL on the Discourse site?

2 Likes
2

I know @techapj fixed this for regular login. Not sure what the state is for SSO, perhaps you can check it and advise Arpit?

3

the protocol allows you to specify a return url. it works fine in plenty of spots.

4

I just ran into this issue too (users are redirected to root and not originally requested URL).

When “login required” is off the redirect works as expected … but I’d like to enable that setting.

5 Likes
5

Seeing this issue too.

The “login required” option might be causing issues in other parts of the program as well - see Using Discourse API to return user data when the "Require authentication to read content on this site, disallow anonymous access." setting is checked.

6

We’ve got this issue as well. We’ve got the login required flag on, we’re using the SSO, and when a user’s not logged into Discourse and tries to access a protected thread from a link on our main site, they’re redirected to the root of Discourse when they successfully log in instead of to the thread they want.

We were seeing some strange stuff happening when the login required flag is turned off, but that may be something strange with our implementation as opposed to some general problem, as it’s not consistent.

7

Hello @sam and @codinghorror,
We even created a plugin to handle this situation, but it’s not working anymore since our last Discourse upgrade.

So I’m taking this “opportunity” to ask if such plugin is really necessary.

Are there any fixes for this?
Or, what should I do in order to redirect the user to the proper URL after an SSO login?

Thanks in advance!

8

No plugin should be required, this does sound a bit like a bug to me.

I am going to recategorize this PR to fix is welcome.

9

This is actually a general bug with login required, we never redirect you back to the original URL.

To repro:

  1. enable login required
  2. copy url of a topic
  3. log out
  4. paste url of a topic
  5. log in
  6. you are on the home page

@techAPJ perhaps add this to your list.

1 Like
10

That used to work, so this is a regression.

confirmed: login now loses the original URL, tested on parley.rubyrogues.com

11

Not able to repro this for instances with SSO disabled.

Working on a fix for SSO enabled instances.

UPDATE: seems like I can repro it on SSO disabled instances too, by logging in via Google.

12

Fixed via:

https://github.com/discourse/discourse/commit/7abd4687e2d80956d97a006c3a8b2411e1823b72

4 Likes
13

I tried to repro this case on my SSO enabled instance and was unable to repro it. Seems like this issue is fixed now. @dansingerman fixed this issue 17 days ago via:

https://github.com/discourse/discourse/pull/3519

Thanks @dansingerman! :gift_heart:

Can someone else please confirm this fix? cc @scanferla @scott_sfn @Eric_Hoxworth @casey

5 Likes
14

This topic was automatically closed after 3 days. New replies are no longer allowed.