From 95e8ea944097ca14d21f2b2a2601f85c28e1cd7c Mon Sep 17 00:00:00 2001 From: Sybren <122987084+drsybren@users.noreply.github.com> Date: Tue, 24 Jan 2023 17:41:38 +0100 Subject: [PATCH] Allow setting `redirect_to` cookie on OAuth login (#22594) The regular login flow can use a `redirect_to` cookie to ensure the user ends their authentication flow on the same page as where they started it. This commit adds the same functionality to the OAuth login URLs, so that you can use URLs like these to directly use a specific OAuth provider: `/user/oauth2/{provider}?redirect_to={post-login path}` Only the `auth.SignInOAuth()` function needed a change for this, as the rest of the login flow is aware of this cookie and uses it properly already. --- routers/web/auth/oauth.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/routers/web/auth/oauth.go b/routers/web/auth/oauth.go index 3d70ca9a50..be60a0c73b 100644 --- a/routers/web/auth/oauth.go +++ b/routers/web/auth/oauth.go @@ -847,6 +847,11 @@ func SignInOAuth(ctx *context.Context) { return } + redirectTo := ctx.FormString("redirect_to") + if len(redirectTo) > 0 { + middleware.SetRedirectToCookie(ctx.Resp, redirectTo) + } + // try to do a direct callback flow, so we don't authenticate the user again but use the valid accesstoken to get the user user, gothUser, err := oAuth2UserLoginCallback(authSource, ctx.Req, ctx.Resp) if err == nil && user != nil {