From fc3e34d3441ef6e9c9d1170ce923d614e902ed16 Mon Sep 17 00:00:00 2001
From: iliana etaoin <iliana@oxide.computer>
Date: Fri, 19 Aug 2022 18:54:08 +0000
Subject: [PATCH] Remove scheme + authority from login redirect URIs

---
 nexus/src/external_api/console_api.rs | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/nexus/src/external_api/console_api.rs b/nexus/src/external_api/console_api.rs
index 1d1fa18ccd0..119b19ea10a 100644
--- a/nexus/src/external_api/console_api.rs
+++ b/nexus/src/external_api/console_api.rs
@@ -586,11 +586,17 @@ pub async fn console_index_or_login_redirect(
     // otherwise redirect to idp
 
     // put the current URI in the query string to redirect back to after login
-    let uri = rqctx.request.lock().await.uri().to_string();
+    let uri = rqctx
+        .request
+        .lock()
+        .await
+        .uri()
+        .path_and_query()
+        .map(|p| p.to_string());
 
     Ok(Response::builder()
         .status(StatusCode::FOUND)
-        .header(http::header::LOCATION, get_login_url(Some(uri)))
+        .header(http::header::LOCATION, get_login_url(uri))
         .body("".into())?)
 }