Pass through redirectParams to fix #153 (and possibly #154)

CARTAvis · Aug 26, 2023 · d6ffad6 · d6ffad6
1 parent 0eeae02
commit d6ffad6
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 2 deletions.
diff --git a/public/dashboard.js b/public/dashboard.js
@@ -410,7 +410,7 @@ window.onload = async () => {
 
     const oidcLoginButton = document.getElementById("oidcLogin");
     if (oidcLoginButton) {
-        oidcLoginButton.onclick = () => { window.location.href = `${apiBase}/auth/login` };
+        oidcLoginButton.onclick = () => { window.location.href = `${apiBase}/auth/login${window.location.search}` };
     }
 
     document.getElementById("stop").onclick = handleServerStop;

diff --git a/src/auth/oidc.ts b/src/auth/oidc.ts
@@ -162,7 +162,17 @@ async function callIdpTokenEndpoint (usp: URLSearchParams, req: express.Request,
 
         // After login redirect to the dashboard, but otherwise return a bearer token
         if (isLogin) {
-            return res.redirect(`${new URL(`${RuntimeConfig.dashboardAddress}`, ServerConfig.serverAddress).href}?${new URLSearchParams(`oidcuser=${username}`).toString()}`);
+            const loginUsp = new URLSearchParams();
+            loginUsp.set('oidcuser',`${username}`);
+            if (req.cookies['redirectParams']) {
+                loginUsp.set('redirectParams', req.cookies['redirectParams']);
+                res.cookie('redirectParams', '', {
+                    maxAge: 600000,
+                    httpOnly: true,
+                    secure: !ServerConfig.httpOnly,
+                });
+            }
+            return res.redirect(`${new URL(`${RuntimeConfig.dashboardAddress}`, ServerConfig.serverAddress).href}?${loginUsp.toString()}`);
         }
         else {
             let newAccessToken = { username };
@@ -304,6 +314,15 @@ export async function oidcLoginStart (req: express.Request, res: express.Respons
             usp.set(item[0],item[1])
         }
 
+        // Store redirectParams to redirect post-login
+        if ('redirectParams' in req.query) {
+            res.cookie('redirectParams', req.query['redirectParams'], {
+                maxAge: 600000,
+                httpOnly: true,
+                secure: !ServerConfig.httpOnly,
+            });
+        }
+
         // Return redirect
         return res.redirect(`${oidcAuthEndpoint}?${usp.toString()}`);
     } catch (err) {