zamzterz/Flask-pyoidc

Problem: Incorrect redirect URL after successful login

Opened this issue · 3 comments

We have encountered an issue after upgrading from 3.11.0 to 3.14.3.

Our application is hosted on a subpath (e.g. https://x.x.x.x/abc). After moving to 3.14.3, we found that after a user successfully logs in via ADFS, the application does not get redirected back to the original destination (i.e. https://x.x.x.x/abc); instead it redirects back to https://x.x.x.x with the subpath missing.

I found that a change was made in 3.12.1 to fix redirect URI corruption; not sure if this is related.

The destination endpoint is temporarily stored in session cookies. The callback endpoint after successful authentication redirects the user to the stored destination. What is the value of your OIDC_REDIRECT_URI? Is your identity provider correctly redirecting back to OIDC_REDIRECT_URI after successful authentication?

I found the issue is caused by pull request #169:

        # 3.14.1
        flask.session['destination'] = flask.request.url
        # 3.14.3
        flask.session['destination'] = flask.request.full_path

For my use case, flask.request.full_path was returning /?, which broke the redirection after successful authentication. I have downgraded to 3.14.1 for now as a temporary workaround.

I am not able to reproduce your issue. It redirects back to the destination where you were before you were redirected to the identity provider. So all paths, subpaths, path params and query params remain preserved. Flask properly handles an empty query param, so a redirect to /abc? will be routed to https://x.x.x.x/abc.
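
Added example, not from the thread or the Flask-pyoidc code base: a standard-library model of the two values compared in the snippet above, assuming the subpath reaches the app as the WSGI SCRIPT_NAME (for instance from a reverse proxy or mount). Werkzeug builds request.full_path from the path and query string without the script root, while request.url includes it; `make_environ`, `full_path_like`, `url_like` and `mounted_path` are hypothetical names and `app.example` is a constructed host.

```python
from urllib.parse import quote
from wsgiref.util import request_uri


def make_environ(script_name, path_info, query=""):
    """Constructed WSGI environ for an app mounted at script_name (assumption)."""
    return {
        "wsgi.url_scheme": "https",
        "HTTP_HOST": "app.example",  # constructed host, not from the issue
        "SCRIPT_NAME": script_name,  # mount prefix, e.g. "/abc"
        "PATH_INFO": path_info,      # path as seen inside the app
        "QUERY_STRING": query,
    }


def full_path_like(environ):
    """Model of request.full_path: path + '?' + query, mount prefix NOT included."""
    return f"{environ['PATH_INFO']}?{environ['QUERY_STRING']}"


def url_like(environ):
    """Model of request.url: absolute URL, mount prefix included (PEP 3333 rules)."""
    return request_uri(environ)


def mounted_path(environ):
    """Hypothetical helper: host-relative destination that keeps the mount prefix."""
    path = quote(environ["SCRIPT_NAME"] + environ["PATH_INFO"], safe="/;=,")
    query = environ["QUERY_STRING"]
    return f"{path}?{query}" if query else path


if __name__ == "__main__":
    cases = [
        make_environ("/abc", "/"),                   # app mounted on a subpath
        make_environ("/abc", "/reports", "page=2"),  # subpath plus query string
        make_environ("", "/"),                       # app served at the site root
    ]
    for env in cases:
        print(repr(env["SCRIPT_NAME"]), full_path_like(env),
              url_like(env), mounted_path(env))
```

With an empty SCRIPT_NAME the three values point at the same place, so the difference only shows up when the prefix is stripped before the request reaches the app.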