diff --git a/src/Controller/OpenIDConnectRedirectController.php b/src/Controller/OpenIDConnectRedirectController.php index 5aeaf94..6d27bcc 100644 --- a/src/Controller/OpenIDConnectRedirectController.php +++ b/src/Controller/OpenIDConnectRedirectController.php @@ -8,6 +8,7 @@ use Drupal\Core\Logger\LoggerChannelFactoryInterface; use Drupal\Core\Routing\Access\AccessInterface; use Drupal\Core\Session\AccountInterface; use Drupal\Core\Url; +use Drupal\Component\Utility\UrlHelper; use Drupal\openid_connect\Plugin\OpenIDConnectClientManager; use Drupal\openid_connect\OpenIDConnect; use Drupal\openid_connect\OpenIDConnectStateToken; @@ -123,10 +124,16 @@ class OpenIDConnectRedirectController extends ControllerBase implements AccessIn // Get parameters from the session, and then clean up. $parameters = [ - 'destination' => 'user', + 'destination' => [ + 'path' => 'user', + 'options' => [ + 'query' => [], + ], + ], 'op' => 'login', 'connect_uid' => NULL, ]; + foreach ($parameters as $key => $default) { if (isset($_SESSION['openid_connect_' . $key])) { $parameters[$key] = $_SESSION['openid_connect_' . $key]; @@ -214,10 +221,42 @@ class OpenIDConnectRedirectController extends ControllerBase implements AccessIn } } + // Support destination query parameter and ensure no /user/login redirect. + if ($destination['path'] == '/user/login') { + $destination['path'] = 'user'; + + // Use the "destination" query parameter if one is set. + if (isset($destination['options']['query']['destination'])) { + + $destination_parts = []; + if ($destination['options']['query']['destination']) { + $destination_parts = UrlHelper::parse($destination['options']['query']['destination']); + } + + $empty_path = empty($destination_parts['path']); + if ($empty_path || $destination_parts['path'] != 'user/login') { + $destination = [ + // Empty destination query parameter means the front page, ie. '/'. + 'path' => (!$empty_path) ? $destination_parts['path'] : '', + 'options' => [ + 'query' => [], + ], + ]; + // Include the query options if any. For example from a views' filters. + if (!empty($destination_parts['query'])) { + $destination['options']['query'] = $destination_parts['query']; + } + // Include the fragment ... not likely unless the options are altered. + if (!empty($destination_parts['fragment'])) { + $destination['options']['fragment'] = $destination_parts['fragment']; + } + } + } + } + // It's possible to set 'options' in the redirect destination. if (is_array($destination)) { - $query = !empty($destination[1]['query']) ? '?' . $destination[1]['query'] : ''; - $redirect = Url::fromUri('internal:/' . ltrim($destination[0], '/') . $query)->toString(); + $redirect = Url::fromUri('internal:/' . ltrim($destination['path'], '/'), $destination['options'])->toString(); } else { $redirect = Url::fromUri('internal:/' . ltrim($destination, '/'))->toString(); diff --git a/src/OpenIDConnectSession.php b/src/OpenIDConnectSession.php index 836d0e2..c906e71 100644 --- a/src/OpenIDConnectSession.php +++ b/src/OpenIDConnectSession.php @@ -2,6 +2,7 @@ namespace Drupal\openid_connect; +use Drupal\Core\Url; use Drupal\Core\Path\CurrentPathStack; use Symfony\Component\HttpFoundation\RequestStack; @@ -48,16 +49,22 @@ class OpenIDConnectSession { * has been applied to 8.5+ core. */ public function saveDestination() { - $current_path = $this->currentPath->getPath(); - $path = ($current_path == '/user/login') ? '/user' : $current_path; + $path = $current_path = $this->currentPath->getPath(); // The destination could contain query parameters. Ensure that they are // preserved. - $query = $this->requestStack->getCurrentRequest()->getQueryString(); + $query_string = $this->requestStack->getCurrentRequest()->getQueryString(); + + if ($query_string) { + parse_str($query_string, $query); + } + else { + $query = []; + } $_SESSION['openid_connect_destination'] = [ - $path, - [ + 'path' => $path, + 'options' => [ 'query' => $query, ], ];