On a site located in a subdirectory (domain.com/thesite) the destination parameter that is set when a non-logged in user attempts to go to the authorize page incorrectly includes the base directory. The url appears as: domain.com/thesite/user/login?destination=/thesite/oauth/authorize?... After signing in the user is redirected to: domain.com/thesite/thesite/oauth/authorize?...

The attached patch fixes it by not using url() and instead just uses drupal_query_string_encode() to handle the query string.

Not sure if this is related, but whatever issue required it could be retested and it could maybe be removed:

    // There's some strange bug in the ?destination=... handling
    // This is not exactly beautiful, but it gets the work done
    // TODO: Find out why!
    if(drupal_substr($_SERVER['REQUEST_URI'], 0, 2)=='//') {
      header('Location: ' . drupal_substr($_SERVER['REQUEST_URI'], 1), TRUE, 302);
Members fund testing for the Drupal project. Drupal Association Learn more


voxpelli’s picture

toemaz’s picture

@tauno could you test the patch at #1184672 and see whether that fixes your issue?

christianchristensen’s picture

I believe this addresses the concern in this issue and #1184672: Double url encoding on destination=/oauth/authorize? when redirected to log in form, as the oauth_callback parameter needs to be encoded once more to allow it to take the form of its original encoding provided by the calling oauth process. Please see patch.

(Edit: oops wrong issue number referenced)

christianchristensen’s picture

Slightly updated from above: urlencode the whole destination parameter.

christianchristensen’s picture

As noted by @glennpratt (offline/IRC) core uses rawurlencode... see updated patch.

chustedde’s picture

Version: 6.x-3.0-beta2 » 7.x-3.x-dev
637 bytes

I also experienced this issue in the D7 version of the module and was able to fix it with a similar solution found in #1184672: Double url encoding on destination=/oauth/authorize? when redirected to log in form.

chustedde’s picture

Issue summary: View changes
596 bytes

Updated patch so it will properly apply with git.