Does the Discourse SAML plugin honor the SAML RelayState parameter if it is sent by the IDP (identity provider)? That is, will it redirect to where the RelayState parameter says after authentication?
Here is why I ask:
I’m using the SAML plugin to authenticate to an IDP provided by Mini-Orange and running on Joomla. This has worked well.
We are now trying to integrate Discourse with the Linguise product. This amazing product can do on-the-fly translation of every element on the page, and it works very well on our test server that does not use SAML authentication.
Our specific issue is, Linguise works by using a subdomain for each language. So if I’m on https://mysite.com and I use the onscreen language switcher to switch to French for example, it will redirect to https://fr.mysite.com.
Again, this works fine. The problem is the SAML integration.
Discourse SAML sends an authentication request to the IDP and normally it will redirect to the normal main site URL (mysite.com) after authentication. That breaks things, because I want it to redirect to fr.mysite.com.
So I am working with my IDP provider to send an appropriate RelayState parameter that matches the correct site url (fr.mysite.com, which they derive from the HTTP Origin of the original authentication request).
If I pay for this customization, will Discourse honor the RelayState?