[RUN AS-IF-FOSS] AS Fix SAML SSO login redirects not working

Stan Hu requested to merge sh-fix-saml-sso-redirect-not-working into master

When a user without an SSO session attempted to access anything in a SAML group, previously GitLab would redirect the user back to the dashboard and lose the original link. This was happening because the RelayState wasn't being used since the SessionsController#create took over. To fix this, we have to do two things:

  1. Store the RelayState in the Devise session helper before the session is created. ApplicationController#after_sign_in_path_for will run and retrieve this value.

  2. Ensure the RelayState is the right value. Previously this value would be set to the path of the project (e.g. mygroup/project), but this drops the full path that was being accessed. Now we retain the entire path so the redirect parameter is passed on to the IdP properly.

Relates to #247674 (closed)

Edited by Stan Hu
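The store-then-retrieve flow described above, as an added Ruby sketch that is not code from this merge request or from GitLab. `FakeSession`, `safe_relay_state`, `handle_saml_callback`, `after_sign_in_path`, `sso_round_trip` and the `/dashboard` fallback are hypothetical names and values; the session class only models what Devise's `store_location_for` / `stored_location_for` helpers do, and the same-site check on RelayState is an added precaution because the value returns through the browser.

```ruby
require "uri"

DEFAULT_PATH = "/dashboard" # constructed fallback, stands in for the dashboard redirect

# Hypothetical stand-in for the Devise session helper (store_location_for /
# stored_location_for): one stored return path, consumed on first read.
class FakeSession
  def initialize
    @data = {}
  end

  def store_location(path)
    @data["user_return_to"] = path
  end

  def stored_location
    @data.delete("user_return_to")
  end
end

# RelayState comes back via the browser, so accept it only when it is a
# same-site path (query string and fragment allowed), never an absolute URL.
def safe_relay_state(relay_state)
  return nil unless relay_state.is_a?(String) && relay_state.start_with?("/")
  return nil if relay_state.start_with?("//") || relay_state.include?("\\")
  uri = URI.parse(relay_state)
  return nil if uri.scheme || uri.host
  relay_state
rescue URI::InvalidURIError
  nil
end

# Step 1: store the RelayState before the session is created.
def handle_saml_callback(session, relay_state)
  path = safe_relay_state(relay_state)
  session.store_location(path) if path
end

# Models ApplicationController#after_sign_in_path_for reading the stored value.
def after_sign_in_path(session)
  session.stored_location || DEFAULT_PATH
end

# Whole round trip; store_relay_state: false models the behaviour before the fix.
def sso_round_trip(relay_state, store_relay_state: true)
  session = FakeSession.new
  handle_saml_callback(session, relay_state) if store_relay_state
  after_sign_in_path(session)
end
```
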
