frontend icon indicating copy to clipboard operation
frontend copied to clipboard
verified publisher icon SciCatProject

fix: returnUrl from back end was being discarded

Open GBirkel opened this issue 8 months ago • 6 comments

Description

The "returnUrl" value passed to/from the back end was being ignored at the end of the journey. These minor changes detect a "returnUrl" that's part of a successful OIDC login from the v4 back end, and use the value in subsequent navigation after the login page.

Motivation

Together with the changes in https://github.com/SciCatProject/scicat-backend-next/pull/1815 , this makes "returnUrl" work as designed.

Fixes / Changes:

Detecting and extracting "returnUrl" in a successful OIDC redirect. Using "returnUrl" in place of "returnURL" for consistency.

Tests included

Tests pass as before.

Documentation

No documentation changes needed.

Backend version

No specific back end is mandatory, but for "returnUrl" to fully work, the changes in https://github.com/SciCatProject/scicat-backend-next/pull/1815 should be integrated as well.

Summary by Sourcery

Improve handling of returnUrl during OIDC authentication to ensure consistent redirect behavior across different backend versions

Bug Fixes:

  • Fixed discarding of returnUrl during OIDC login process, ensuring users are redirected to the correct page after authentication

Enhancements:

  • Updated returnUrl handling to support both backend v3 and v4 authentication flows
  • Standardized returnUrl parameter naming across components

GBirkel avatar Apr 03 '25 21:04 GBirkel

Proposal to discard this PR and the related backend PR: https://github.com/SciCatProject/scicat-backend-next/pull/1815. The feature works as expected, please get in touch if you are having issues with the exisiting implementation.

omkar-ethz avatar May 07 '25 12:05 omkar-ethz

Fine by me. Thank you for stepping in

nitrosx avatar May 07 '25 13:05 nitrosx

Are we all in agreement to close it?

nitrosx avatar May 07 '25 13:05 nitrosx

This feature definitely didn't work for me until I made the above changes, along with the accompanying back-end PR. I could not successfully pass a return URL from the front end to the back end and have it used in a redirect, and as a result, users who were unauthenticated were always being dropped at the default starting location rather than where they'd originally been.

GBirkel avatar May 07 '25 15:05 GBirkel

That said, if it is breaking current deployments, go ahead and back it out. I'm using a fork for my own deployment and will just avoid pulling in master until I have another look at the situation.

GBirkel avatar May 07 '25 15:05 GBirkel

This feature definitely didn't work for me until I made the above changes, along with the accompanying back-end PR. I could not successfully pass a return URL from the front end to the back end and have it used in a redirect, and as a result, users who were unauthenticated were always being dropped at the default starting location rather than where they'd originally been.

Added my comment about /auth-callback vs /login. Can confirm the feature did not work when OIDC_SUCCESS_URL set to /login, and only worked when it was /auth-callback. Sorry for the confusion. Also in favor to merge this PR.

omkar-ethz avatar May 07 '25 15:05 omkar-ethz

:tada: Snyk checks have passed. No issues have been found so far.

:white_check_mark: security/snyk check is complete. No issues have been found. (View Details)

henrikjohansson712 avatar May 28 '25 00:05 henrikjohansson712