Fix redirect url redirect_url when OIDC auth mode is enabled (#17628)

* fix redirect url for OIDC auth mode Signed-off-by: Maksym Trofimenko <maksym@container-registry.com> * portal lint_fix Signed-off-by: mtrofimenko <gtpoxa@gmail.com> * make linter happy Signed-off-by: mtrofimenko <gtpoxa@gmail.com> Signed-off-by: Maksym Trofimenko <maksym@container-registry.com> Signed-off-by: mtrofimenko <gtpoxa@gmail.com> Co-authored-by: Maksym Trofimenko <maksym@container-registry.com>
2024-06-25 22:35:11 +02:00 · 2022-10-21 07:38:13 +01:00 · 2022-10-21 07:38:13 +01:00 · 486bdb6b99
commit 486bdb6b99
parent c4146667f1
3 changed files with 23 additions and 5 deletions
--- a/src/core/controllers/oidc.go
+++ b/src/core/controllers/oidc.go
@ -35,6 +35,7 @@ import (
 const tokenKey = "oidc_token"
 const stateKey = "oidc_state"
 const userInfoKey = "oidc_user_info"
+const redirectURLKey = "oidc_redirect_url"
 const oidcUserComment = "Onboarded via OIDC provider"

 // OIDCController handles requests for OIDC login, callback and user onboard
@ -62,6 +63,7 @@ func (oc *OIDCController) RedirectLogin() {
 		oc.SendInternalServerError(err)
 		return
 	}
+	oc.SetSession(redirectURLKey, oc.Ctx.Request.URL.Query().Get("redirect_url"))
 	oc.SetSession(stateKey, state)
 	log.Debugf("State dumped to session: %s", state)
 	// Force to use the func 'Redirect' of beego.Controller
@ -85,7 +87,12 @@ func (oc *OIDCController) Callback() {
 		oc.SendBadRequestError(errors.Errorf("OIDC callback returned error: %s - %s", errorCode, errorDescription))
 		return
 	}
-
+	var redirectURLStr string
+	redirectURL := oc.GetSession(redirectURLKey)
+	if redirectURL != nil {
+		redirectURLStr = redirectURL.(string)
+		oc.DelSession(redirectURLKey)
+	}
 	code := oc.Ctx.Request.URL.Query().Get("code")
 	ctx := oc.Ctx.Request.Context()
 	token, err := oidc.ExchangeToken(ctx, code)
@ -144,7 +151,7 @@ func (oc *OIDCController) Callback() {
 			u = userRec
 		} else {
 			oc.SetSession(userInfoKey, string(ouDataStr))
-			oc.Controller.Redirect(fmt.Sprintf("/oidc-onboard?username=%s", username), http.StatusFound)
+			oc.Controller.Redirect(fmt.Sprintf("/oidc-onboard?username=%s&redirect_url=%s", username, redirectURLStr), http.StatusFound)
 			// Once redirected, no further actions are done
 			return
 		}
@ -170,7 +177,11 @@ func (oc *OIDCController) Callback() {
 		return
 	}
 	oc.PopulateUserSession(*u)
-	oc.Controller.Redirect("/", http.StatusFound)
+
+	if redirectURLStr == "" {
+		redirectURLStr = "/"
+	}
+	oc.Controller.Redirect(redirectURLStr, http.StatusFound)
 }

 func userOnboard(ctx context.Context, oc *OIDCController, info *oidc.UserInfo, username string, tokenBytes []byte) (*models.User, bool) {
--- a/src/portal/src/app/account/sign-in/sign-in.component.html
+++ b/src/portal/src/app/account/sign-in/sign-in.component.html
@ -22,7 +22,7 @@
            </label>
            <div class="login-group">
                <ng-container *ngIf="isOidcLoginMode && steps === 1">
-                    <a href="/c/oidc/login">
+                    <a href="/c/oidc/login?redirect_url={{ redirectUrl }}">
                        <button
                            type="button"
                            id="log_oidc"
--- a/src/portal/src/app/oidc-onboard/oidc-onboard.component.ts
+++ b/src/portal/src/app/oidc-onboard/oidc-onboard.component.ts
@ -12,6 +12,7 @@ import { errorHandler } from '../shared/units/shared.utils';
 })
 export class OidcOnboardComponent implements OnInit {
    url: string;
+    redirectUrl: string;
    errorMessage: string = '';
    oidcUsername = new UntypedFormControl('');
    errorOpen: boolean = false;
@ -23,6 +24,7 @@ export class OidcOnboardComponent implements OnInit {

    ngOnInit() {
        this.route.queryParams.subscribe(params => {
+            this.redirectUrl = params['redirect_url'] || '';
            this.oidcUsername.setValue(params['username'] || '');
        });
    }
@ -31,7 +33,12 @@ export class OidcOnboardComponent implements OnInit {
            .oidcSave({ username: this.oidcUsername.value })
            .subscribe(
                res => {
-                    this.router.navigate([CommonRoutes.HARBOR_DEFAULT]);
+                    if (this.redirectUrl === '') {
+                        // Routing to the default location
+                        this.router.navigateByUrl(CommonRoutes.HARBOR_DEFAULT);
+                    } else {
+                        this.router.navigateByUrl(this.redirectUrl);
+                    }
                },
                error => {
                    this.errorMessage = errorHandler(error);