diff --git a/public/dashboard.js b/public/dashboard.js index 8e6f4a2..d2d224c 100644 --- a/public/dashboard.js +++ b/public/dashboard.js @@ -410,7 +410,7 @@ window.onload = async () => { const oidcLoginButton = document.getElementById("oidcLogin"); if (oidcLoginButton) { - oidcLoginButton.onclick = () => { window.location.href = `${apiBase}/auth/login` }; + oidcLoginButton.onclick = () => { window.location.href = `${apiBase}/auth/login${window.location.search}` }; } document.getElementById("stop").onclick = handleServerStop; diff --git a/src/auth/oidc.ts b/src/auth/oidc.ts index 02f7793..47fa7a9 100644 --- a/src/auth/oidc.ts +++ b/src/auth/oidc.ts @@ -162,7 +162,17 @@ async function callIdpTokenEndpoint (usp: URLSearchParams, req: express.Request, // After login redirect to the dashboard, but otherwise return a bearer token if (isLogin) { - return res.redirect(`${new URL(`${RuntimeConfig.dashboardAddress}`, ServerConfig.serverAddress).href}?${new URLSearchParams(`oidcuser=${username}`).toString()}`); + const loginUsp = new URLSearchParams(); + loginUsp.set('oidcuser',`${username}`); + if (req.cookies['redirectParams']) { + loginUsp.set('redirectParams', req.cookies['redirectParams']); + res.cookie('redirectParams', '', { + maxAge: 600000, + httpOnly: true, + secure: !ServerConfig.httpOnly, + }); + } + return res.redirect(`${new URL(`${RuntimeConfig.dashboardAddress}`, ServerConfig.serverAddress).href}?${loginUsp.toString()}`); } else { let newAccessToken = { username }; @@ -304,6 +314,15 @@ export async function oidcLoginStart (req: express.Request, res: express.Respons usp.set(item[0],item[1]) } + // Store redirectParams to redirect post-login + if ('redirectParams' in req.query) { + res.cookie('redirectParams', req.query['redirectParams'], { + maxAge: 600000, + httpOnly: true, + secure: !ServerConfig.httpOnly, + }); + } + // Return redirect return res.redirect(`${oidcAuthEndpoint}?${usp.toString()}`); } catch (err) {