action #89710
closed
Add redirection after login compatible to the new IDP login system size:M
Added by okurz over 3 years ago.
Updated about 3 years ago.
Category:
Feature requests
Description
Motivation
Before there was a new IDP login system put in place at SUSE, redirection to the page where a user started a login from still worked. This seems to have regressed as the user is always redirected to the openQA index page after login, see #68287. We can try to support the new IDP login system by adding necessary config to the openid.return-to value or something.
Acceptance criteria
- AC1: After login from a subpage, e.g. /tests, the user is redirected to the same page
Suggestions
- Try the suggestion from #68287#note-5
- Configure local instance to use the openID authentication, try it out, mock for tests
- Related to tickets #68287: openqa redirects to startpage after login since new IDP was introduced added
- Subject changed from Add redirection after login compatible to the new IDP login system to Add redirection after login compatible to the new IDP login system size:M
- Description updated (diff)
- Status changed from New to Workable
- Priority changed from Low to Normal
- Target version changed from future to Ready
- Status changed from Workable to In Progress
- Assignee set to dheidler
- Status changed from In Progress to Feedback
- Status changed from Feedback to Resolved
It works when you are on a non-admin page before you login.
It seems that the automated redirect to login that happens when accessing an admin page without being already logged in is not working.
I will have a look.
- Status changed from Resolved to In Progress
The problem is that if an admin-only or operator-only page is accessed without a session, the user is redirected to /login:
```perl
sub ensure_operator {
    my ($self) = @_;
    # No session: redirect to login (the requested page is not passed along)
    $self->redirect_to('login') and return undef unless $self->current_user;
    $self->render(text => "Forbidden", status => 403) and return undef unless $self->is_operator;
    return 1 if $self->req->method eq 'GET' || $self->valid_csrf;
    $self->render(text => 'Bad CSRF token!', status => 403);
    return undef;
}

sub ensure_admin {
    my ($self) = @_;
    # No session: redirect to login (the requested page is not passed along)
    $self->redirect_to('login') and return undef unless $self->current_user;
    $self->render(text => "Forbidden", status => 403) and return undef unless $self->is_admin;
    return 1 if $self->req->method eq 'GET' || $self->valid_csrf;
    $self->render(text => 'Bad CSRF token!', status => 403);
    return undef;
}
```
When a 302-redirect is performed, the browser is sending the original referrer (the page that the user was on before he clicked the link pointing to the admin page) and not the admin page itself, which initiated the redirect.
- Status changed from In Progress to Feedback
- Status changed from Feedback to Resolved
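
The 302 described above loses the admin page because the Referer still names the previous page; one way to carry the requested page through login is to pass it explicitly and accept it only if it is a local path. This is an added example, not openQA's code and not the change that resolved this ticket; the `return_page` parameter and both function names are assumptions.

```perl
#!/usr/bin/env perl
# Added example, not openQA code. The names return_page, safe_return_path and
# login_redirect are hypothetical.
use strict;
use warnings;

# Accept only a local absolute path as a post-login target, so the parameter
# cannot be used to send users to another host.
sub safe_return_path {
    my ($target) = @_;
    return '/' unless defined $target && length $target;
    return '/' unless $target =~ m{\A/};                 # must be a rooted path
    return '/' if $target =~ m{\A/[/\\]};                # "//host" and "/\host" leave the site
    return '/' if $target =~ m{[\x00-\x1f\x7f]};         # control characters (header splitting)
    return '/' if $target =~ m{\A/login(?:[/?#]|\z)};    # avoid a login loop
    return $target;
}

# Build the Location value for the 302 issued when a page needs a session.
# $requested is the path and query of the page that triggered the redirect
# (in a Mojolicious controller: $self->req->url->path_query).
sub login_redirect {
    my ($requested) = @_;
    my $path = safe_return_path($requested);
    utf8::encode($path);                                 # percent-encode bytes, not characters
    $path =~ s/([^A-Za-z0-9\-._~\/])/sprintf('%%%02X', ord $1)/ge;
    return "/login?return_page=$path";
}

# Constructed sample requests: two legitimate pages, then values that must
# fall back to "/".
for my $requested ('/admin/users', '/tests?limit=10', '//evil.example/x',
    '/\\evil.example', 'https://evil.example/', "/admin\r\nSet-Cookie: a=b", '/login')
{
    (my $shown = $requested) =~ s/([\r\n])/sprintf('\\x%02x', ord $1)/ge;
    printf "%-34s -> %s\n", $shown, login_redirect($requested);
}
```

The login handler has to run `safe_return_path` again on the decoded parameter after authentication, because the value comes back from the client and may have been changed in transit.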