Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OAuth login is ignoring redirect URL #17493

Closed
danielbuechele opened this issue Feb 11, 2023 · 5 comments
Closed

OAuth login is ignoring redirect URL #17493

danielbuechele opened this issue Feb 11, 2023 · 5 comments
Labels
🍰 Improvement

Comments

@danielbuechele
Copy link

Describe the Bug

When navigating to a particular URL of the app, while being logged out, the app should redirect to this URL after a successful login. This is usually done via the redirect query string. However, when using an OAuth provider, this is not happening and instead the user is redirected to the last page stored for their account.

The problem are these lines, where the searchParams are cleared: https://github.com/directus/directus/blob/main/app/src/routes/login/components/sso-links.vue#L55-L58

While I understand, the ?continue param needs to be added to the URL, is there a reason the redirect param is removed?

To Reproduce

  1. Set up Directus to use an OAuth provider.
  2. Head to http://localhost:8055/admin/settings/data-model, while not being logged in
  3. See you are correctly redirected to http://localhost:8055/admin/login?redirect=/settings/data-model
  4. Click the login button for your OAuth provider
  5. Browser navigates to http://localhost:8055/auth/login/<provider_name>?redirect=http://localhost:8055/admin/login?continue
  6. At this point the information where to redirect after the successful login is lost

Errors Shown

No response

What version of Directus are you using?

9.22.3

What version of Node.js are you using?

18.7.0

What database are you using?

Postgres 13.9

What browser are you using?

Chrome 109.0.5414.119

How are you deploying Directus?

locally
@github-actions
Copy link

Linear: ENG-685

@paescuj paescuj added the App label Feb 13, 2023
@u12206050
Copy link
Contributor

Would probably need an additional cookie to track this, as the redirect url in the oauth flow is typically a particular value that has been added to the oauth provider as an "approved redirect" value.

@danielbuechele
Copy link
Author

The ?continue query param is for the redirect URL is added by directus and is not specific to the oauth flow, is it? This makes me think we should be able to add another query param with the redirect URL: ?redirect=/something&continue or am I missing something here?

@Paiman-Rasoli
Copy link
Contributor

Hi @danielbuechele , I have read the entire issue and recently fixed this bug, can I have a PR for this issue?

@Paiman-Rasoli Paiman-Rasoli mentioned this issue Mar 25, 2023
Merged
@rijkvanzanten
Copy link
Member

This was fixed in #17939

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 1, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
🍰 Improvement
Projects
Software Roadmap
Archived in project
Milestone
No milestone
Development

No branches or pull requests
5 participants
@danielbuechele @paescuj @u12206050 @rijkvanzanten @Paiman-Rasoli