examples lose state

[henris42]

Hi,

I was tinkering with the examples, using rocket frontend. I tried to quickly integrate a 3rd party service - everything work to the point after accept/deny where the system redirects back to the service. The issue is that "state" is missing from the redirecting URL. (3rd part software sets it correctly, it continues ok if I add it manually..)

Any pointers how to make it work?

[HeroicKatora]

The 'consent' page in the example seems to not set the state parameter for the POST on clicking the 'Accept' button since it uses a hardcode url (this one).

This seems to be an architectural deficiency since the state is not passed to check_consent so that it is not possible to assemble the form target url from the provided parameters.

As a workaround, it would be possible to extract the state parameter from window.location.search in js on the page. (I'm no frontend expert so this is just an idea).

[henris42]

OK thanks for the info!

I think correct way to fix is to improve check_consent. In my real project I need a completely different consent mechanish anyways so I'd appreciate any pointers to get started on that!

[HeroicKatora]

This should no longer be the case since #110 .