You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This issue is very closely related to issue #5478.
We're getting the same "Error 400: invalid_request" error message as that issue, but for us it's because the GetCurrentPageUrl() function on line 741 of Rock.Blocks/Security/Login.cs just returns a URL in the format of "/page/{Id}" instead of the actual page route URL of the current request.
We have every page on our public website set up with a custom Page Route, and we do not use the /page/{Id} pattern anywhere publically. Our login page is located at "/account/login", which means we have not added (and would prefer not to add) the /page/{Id} URL to Google as a valid redirect_uri.
Actual Behavior
The redirect_uri parameter is sent in the format of "/page/{Id}" because the GetCurrentPageUrl() function is generating the default page URL instead of using the requested URL or one of the specified Page Routes for the page.
Expected Behavior
The actual URL of the current page request should be sent as the return_uri parameter
The Obsidian Login block will now use the current URL path in the redirect_uri beginning in v15.3.
If an individual is on https://yourdomain.com/page/3, then the redirect_uri will be "https://yourdomain.com:443/page/3" (note the port is included to be backward compatible with the old block).
Description
This issue is very closely related to issue #5478.
We're getting the same "Error 400: invalid_request" error message as that issue, but for us it's because the
GetCurrentPageUrl()
function on line 741 of Rock.Blocks/Security/Login.cs just returns a URL in the format of "/page/{Id}" instead of the actual page route URL of the current request.We have every page on our public website set up with a custom Page Route, and we do not use the /page/{Id} pattern anywhere publically. Our login page is located at "/account/login", which means we have not added (and would prefer not to add) the /page/{Id} URL to Google as a valid redirect_uri.
Actual Behavior
The redirect_uri parameter is sent in the format of "/page/{Id}" because the
GetCurrentPageUrl()
function is generating the default page URL instead of using the requested URL or one of the specified Page Routes for the page.Expected Behavior
The actual URL of the current page request should be sent as the return_uri parameter
Steps to Reproduce
Issue Confirmation
Rock Version
15.2
Client Culture Setting
en-US
The text was updated successfully, but these errors were encountered: