Comments

nikhileshpaul created an issue. See original summary.

nikhileshpaul’s picture

Status: Active » Closed (works as designed)
sdemi’s picture

Status: Closed (works as designed) » Needs work

Re-opening this as this issue is not related to varnish caching.

Rather, this would be a great feature to have.

sdemi’s picture

Version: 8.x-3.0 » 8.x-3.x-dev
Status: Needs work » Needs review
Status: new | File size: 915 bytes

Here is a patch to complete the functionality.

For end-to-end solution - need to install Redirect 403 to User Login module (https://www.drupal.org/project/r4032login)
and in the module settings, set "Path to user login form" to "/saml_login" or whatever your SAML login URL is.

-edit-
I think the automated tests are failing because of my simplesamlphp_auth module directory. Patch assumes your module is in /modules/contrib/simplesamlphp_auth/ and you run patch from Drupal root.

nielsvoo’s picture

Can someone tell me why this feature isn't built in yet? A quick search found multiple questions about this topic, sometimes many years old. I think it is a bit of a lack that this default destination property isn't available.

Thanks.

peter törnstrand’s picture

I can't get the patch from #4 to do anything. I have installed R4032Login and set the "Path to user login form" to /saml_login but I keep ending up at /user/xxx after login.

peter törnstrand’s picture

Status: new | File size: 717 bytes

Ok I got this working with a little hacking, I don't think attached patch is to be incorporated into this module but if anyone has the same problem this will help.

So with R4032Login module and setting Path to user login form to /saml_login and Destination parameter override to ReturnTo it should work if your setup is anything like mine.

abhaysaraf’s picture

Thanks for the patches. When Path to user login form is set to /saml_login, #7 works.
#4 fails while applying the patch due to an improper relative path. Hence, I merged both #4 and #7.

jedihe’s picture

+++ b/src/Controller/SimplesamlphpAuthController.php
@@ -150,6 +150,7 @@ public function authenticate() {
+      $return_to = \Drupal::request()->getSchemeAndHttpHost() . $return_to;
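Review bot: the added line joins the scheme-and-host string and $return_to by plain concatenation, and nothing in the hunk ensures that $return_to starts with "/" or is not already an absolute URL. Normalise the value to a rooted internal path before prefixing, and skip the prefix when it is already absolute, so the host part of the resulting URL is always the one returned by getSchemeAndHttpHost().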

Using 8.x-3.2, I was able to get the redirection working just by ensuring the login link that initiates the SAML login flow has the proper '?destination' param. So, in my case, this line was not needed at all.

berdir’s picture

Status: Needs review » Needs work
+++ b/simplesamlphp_auth.module
@@ -170,10 +170,12 @@ function simplesamlphp_auth_form_user_login_form_alter(&$form, FormStateInterfac
   }
 
   $label = $config->get('login_link_display_name');
+  $destination = \Drupal::destination()->getAsArray();
   $form['simplesamlphp_auth_login_link'] = [
     '#title' => $label,
     '#type' => 'link',
     '#url' => Url::fromRoute('simplesamlphp_auth.saml_login'),
+    '#options' => ['query' => $destination],
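Review bot: the '#options' => ['query' => $destination] line makes the rendered link vary with the request, but neither added line attaches cache metadata to $form['simplesamlphp_auth_login_link']. Add '#cache' => ['contexts' => ['url.query_args:destination']] to the element so that a cached copy of the login form does not carry a destination taken from a different request.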

this only makes sense if there is already a destination query argument at this point, otherwise it would return the user to the login form which doesn't make sense.

jbreslow’s picture

Is the $return_to variable only used in the API? I am not using the API and after logging in I am taken to the /user/ page even after applying the #8 patch. Is there someplace I should be setting the $return_to variable, like authsources.php?

kshall’s picture

Installed by Composer
Drupal 8.9.7 (latest)
SimpleSAMLphp Authentication 8.x-3.2 (latest)

Redirect using "ReturnTo" parameter not working. Always returns /user profile page on a redirect after login.

Applied patch #8 and still does not work.

iarla’s picture

I made a slight tweak to the patch #8 to take into account the comment on comment #10.

I'm using this in combination with Redirect 403 to User Login and have confirmed that:

  • I get redirected to a login screen
  • The destination value passes through to the login link
  • After SSO login, I'm directed to the page that I started from
iarla’s picture

Status: Needs work » Needs review
berdir’s picture

Status: Needs review » Needs work
+++ b/src/Controller/SimplesamlphpAuthController.php
@@ -150,6 +150,7 @@ class SimplesamlphpAuthController extends ControllerBase implements ContainerInj
         ($return_to = $request->request->get('ReturnTo')) ||
         ($return_to = $request->server->get('HTTP_REFERER'))) {
+      $return_to = \Drupal::request()->getSchemeAndHttpHost() . $return_to;
       if ($this->pathValidator->isValid($return_to) && UrlHelper::externalIsLocal($return_to, $base_url)) {
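Review bot: the added prefix runs for all three sources in the condition above it, including the HTTP_REFERER fallback, which already carries a full URL, so the value passed to pathValidator->isValid() and UrlHelper::externalIsLocal() on the following line is no longer the one the request supplied. Apply the prefix only when $return_to is not already absolute, and call getSchemeAndHttpHost() on the $request object already in scope rather than on \Drupal::request().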

Struggling with this right now as well, but this is not correct.

The problem is that below, the external is local fails if the link is not external at all. But this would result in prefixing existing valid absolute links twice.

What we need to do instead is check if the link is not external and only then prefix.

heatherwoz’s picture

Patch in #13 worked for me. I am also using in conjunction with Redirect 403 to User Login.

Technorange’s picture

Patch doesn't work and redirects user to /user/[uid] page with r4032login version 2.x simply because / was removed from the destination path.

r4032login module version difference below:
version 1.x = ?ReturnTo=/admin/content
version 2.x = ?Returnto=admin/content

To fix this: add an extra / if the destination path doesn't have it. Even if you're not using r4032login it might be helpful.
$return_to = strpos($return_to, '/') == 0 ? $return_to : '/' . $return_to;

Patch should be as follows:

     if (($return_to = $request->query->get('ReturnTo')) ||
         ($return_to = $request->request->get('ReturnTo')) ||
         ($return_to = $request->server->get('HTTP_REFERER'))) {
+      $return_to = strpos($return_to, '/') == 0 ? $return_to : '/' . $return_to;
+      $return_to = \Drupal::request()->getSchemeAndHttpHost() . $return_to;
       if ($this->pathValidator->isValid($return_to) && UrlHelper::externalIsLocal($return_to, $base_url)) {
         $redirect = $return_to;
       }
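Review bot: strpos($return_to, '/') == 0 on the first added line is a loose comparison, and strpos() returns false when the value contains no "/" at all, which == 0 treats as a match, so a single-segment value such as admin is left without its leading slash. Use strpos($return_to, '/') === 0 instead. The HTTP_REFERER branch in the condition above would also get both a "/" and the host prepended to an already absolute URL, so the two added lines need a guard for absolute values.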

Hope this helps if anyone running into same issue.
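The prefix-only-when-not-absolute check asked for in the review above and the leading-slash fix from this comment, combined in plain PHP as an added example (not the module's code and not any patch on this issue). The function name `normalize_return_to()`, the host names and the sample values are assumptions.

```php
<?php
// Added example, not the module's code. normalize_return_to(), the host
// names and the sample values are constructed for illustration.

/**
 * Returns an absolute same-site URL for a ReturnTo value, or NULL to reject.
 */
function normalize_return_to(string $return_to, string $base): ?string {
  // Backslashes and control characters are handled inconsistently by browsers.
  if ($return_to === '' || preg_match('/[\x00-\x1F\x7F\\\\]/', $return_to)) {
    return NULL;
  }
  // Scheme-relative values ("//host/...") name a host without a scheme.
  if (strncmp($return_to, '//', 2) === 0) {
    return NULL;
  }
  $is_absolute = preg_match('#^[a-z][a-z0-9+.-]*:#i', $return_to) === 1;
  if (!$is_absolute) {
    // Internal path: supply the leading slash if it is missing, then prefix
    // the host exactly once.
    $return_to = $base . '/' . ltrim($return_to, '/');
  }
  // Absolute values (for example the Referer fallback) are not prefixed; in
  // both cases the result must point at this site's scheme, host and port.
  $url = parse_url($return_to);
  $site = parse_url($base);
  if (!is_array($url) || !isset($url['scheme'], $url['host'])) {
    return NULL;
  }
  $same_site = strcasecmp($url['scheme'], $site['scheme']) === 0
    && strcasecmp($url['host'], $site['host']) === 0
    && ($url['port'] ?? NULL) === ($site['port'] ?? NULL);
  return $same_site ? $return_to : NULL;
}

// Constructed inputs: the two r4032login forms quoted above, an absolute
// same-site URL, and an absolute URL on another host.
$base = 'https://site.example';
$samples = ['/admin/content', 'admin/content',
  'https://site.example/node/1', 'https://other.example/node/1'];
foreach ($samples as $value) {
  var_dump(normalize_return_to($value, $base));
}
```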

dmdewey’s picture

I'm having the same issue using VMWare Workspace ONE. My test also has r4032login and login_destination and the Relay State Url in the Idp's SAML configuration was set to /saml_login. There are too many ways this is getting broken so I'm going to start disabling everything and regression testing to see where that lands me. I asked my network admin to remove the relay state url but so far still not getting back to the location in the destination parameter.

istryker’s picture

Status: Needs work » Needs review
Status: new | File size: 1.63 KB

Patch that includes #17 Technorange and #15 Berdir request

gabriel.passarelli made their first commit to this issue’s fork.

gabriel.passarelli’s picture

Patches #15 and #17 work as expected, but the login form has a Permanent cache so when the cache was enabled the destination parameter was not being set correctly.

So I've created an MR to include patches #15 and #17 but also add the destination parameter in the Login Form cache context.

bserem made their first commit to this issue’s fork.