diff --git a/oauthproxy.go b/oauthproxy.go index 91608acc3..b4d1c8618 100644 --- a/oauthproxy.go +++ b/oauthproxy.go @@ -371,6 +371,7 @@ func (p *OAuthProxy) SignInPage(rw http.ResponseWriter, req *http.Request, code if redirect_url == p.SignInPath { redirect_url = "/" } + redirect_url = strings.Replace(redirect_url, fmt.Sprintf("%s?rd=", p.SignInPath), "", 1) t := struct { ProviderName string diff --git a/oauthproxy_test.go b/oauthproxy_test.go index 43e165a2c..5ce3979d2 100644 --- a/oauthproxy_test.go +++ b/oauthproxy_test.go @@ -428,6 +428,21 @@ func TestSignInPageDirectAccessRedirectsToRoot(t *testing.T) { } } +func TestSignInPageDirectAccessRedirectsToRdGetParam(t *testing.T) { + sip_test := NewSignInPageTest(false) + code, body := sip_test.GetEndpoint("/oauth2/sign_in?rd=/example/path") + assert.Equal(t, 200, code) + + match := sip_test.sign_in_regexp.FindStringSubmatch(body) + if match == nil { + t.Fatal("Did not find pattern in body: " + + signInRedirectPattern + "\nBody:\n" + body) + } + if match[1] != "/example/path" { + t.Fatal(`expected redirect to "/example/path", but was "` + match[1] + `"`) + } +} + func TestSignInPageSkipProvider(t *testing.T) { sip_test := NewSignInPageTest(true) const endpoint = "/some/random/endpoint"