1
0
Fork 0
mirror of https://github.com/Luzifer/nginx-sso.git synced 2024-12-20 12:51:17 +00:00

Fix: Use cookie for redirects after oAuth flow

Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
Knut Ahlers 2019-04-26 19:44:22 +02:00
parent 72187c5f64
commit 8af1eeaa4c
Signed by: luzifer
GPG key ID: DC2729FDD34BE99E

View file

@ -3,16 +3,25 @@ package main
import ( import (
"net/http" "net/http"
"net/url" "net/url"
"strings"
"github.com/pkg/errors" "github.com/pkg/errors"
) )
func getRedirectURL(r *http.Request, fallback string) (string, error) { func getRedirectURL(r *http.Request, fallback string) (string, error) {
var ( var (
redirURL string
params url.Values params url.Values
redirURL string
sessURL string
) )
if cookieStore != nil {
sess, _ := cookieStore.Get(r, strings.Join([]string{mainCfg.Cookie.Prefix, "main"}, "-"))
if s, ok := sess.Values["go"].(string); ok {
sessURL = s
}
}
switch { switch {
case r.URL.Query().Get("go") != "": case r.URL.Query().Get("go") != "":
// We have a GET request, use "go" query param // We have a GET request, use "go" query param
@ -24,6 +33,10 @@ func getRedirectURL(r *http.Request, fallback string) (string, error) {
redirURL = r.FormValue("go") redirURL = r.FormValue("go")
params = url.Values{} // No need to read other form fields params = url.Values{} // No need to read other form fields
case sessURL != "":
redirURL = sessURL
params = url.Values{}
default: default:
// No URL specified, use specified fallback URL // No URL specified, use specified fallback URL
return fallback, nil return fallback, nil