Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(redwood): prevent redirects to /undefined after saml auth #670

Merged
merged 1 commit into from
Aug 15, 2024
Merged

fix(redwood): prevent redirects to /undefined after saml auth #670

merged 1 commit into from
Aug 15, 2024

Conversation

Agrendalath
Copy link
Member

This cherry-picks #669 to Redwood.

Internal-ref: https://tasks.opencraft.com/browse/BB-9010

@Agrendalath Agrendalath self-assigned this Aug 13, 2024
tecoholic
tecoholic approved these changes Aug 15, 2024
View reviewed changes
Copy link
Member

@tecoholic tecoholic left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Agrendalath Thank you for creating the PR. 👍

  • I tested this: Setup a redwood instance from the PR branch and verified that SAML authenticated users aren’t redirected to /undefined.
  • I read through the code
  • I checked for accessibility issues
  • Includes documentation

@tecoholic @Agrendalath
fix: prevent redirects to /undefined after saml auth
2d902ee 
When a user authenticates using SAML, but their accounts aren't linked,
they land on the login page with the message to link their accounts. If the
`OC_REDIRECT_ON_TPA_UNLINKED_ACCOUNT` value is not set, they are redirected to
`/undefined`. This commit checks that the `redirectURL` is a valid non-empty
string before performing the redirect.

The bug was introduced in 91f8d36, so this can be safely dropped once that
temporary commit is removed from our branches. For Redwood, the relevant
commit hash is 64f5dea.

Internal-ref: https://tasks.opencraft.com/browse/BB-9010
(cherry picked from commit 9ade4ea)
@Agrendalath Agrendalath force-pushed the agrendalath/BB-9010-prevent-redirects-to-undefined-after-saml-auth-redwood-cherry-pick branch from f5135a2 to 2d902ee Compare August 15, 2024 20:47
@Agrendalath Agrendalath merged commit b801f99 into opencraft-release/redwood.1 Aug 15, 2024
77 checks passed
@Agrendalath Agrendalath deleted the agrendalath/BB-9010-prevent-redirects-to-undefined-after-saml-auth-redwood-cherry-pick branch August 15, 2024 21:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tecoholic tecoholic tecoholic approved these changes

Assignees

@Agrendalath Agrendalath

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Agrendalath @tecoholic