diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm index b6abf7a7a..6b22ae1be 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm @@ -707,10 +707,7 @@ sub run { $session_state ); - $self->logger->debug("Redirect user to $response_url"); - $req->urldc($response_url); - - return PE_REDIRECT; + return $self->_redirectToUrl($req, $response_url); } # Implicit Flow @@ -780,10 +777,7 @@ sub run { $session_state ); - $self->logger->debug("Redirect user to $response_url"); - $req->urldc($response_url); - - return PE_REDIRECT; + return $self->_redirectToUrl($req, $response_url); } # Hybrid Flow @@ -885,9 +879,7 @@ sub run { $session_state ); - $self->logger->debug("Redirect user to $response_url"); - $req->urldc($response_url); - return PE_REDIRECT; + return $self->_redirectToUrl($req, $response_url); } $self->logger->debug("None flow has been selected"); @@ -969,9 +961,7 @@ sub run { $self->buildLogoutResponse( $post_logout_redirect_uri, $state ); - $self->logger->debug("Redirect user to $response_url"); - $req->urldc($response_url); - return PE_REDIRECT; + return $self->_redirectToUrl($req, $response_url); } return $req->param('confirm') == 1 ? ( $err ? $err : PE_LOGOUT_OK ) @@ -2323,4 +2313,15 @@ sub _generateIDToken { return $self->createIDToken( $id_token_payload_hash, $rp ); } +sub _redirectToUrl { + my ($self, $req, $response_url) = @_; + + # We must clear hidden form fields saved from the request (#2085) + $self->p->clearHiddenFormValue($req); + $self->logger->debug("Redirect user to $response_url"); + $req->urldc($response_url); + + return PE_REDIRECT; +} + 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm index 65bfa1dc0..8709cbf39 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm @@ -524,19 +524,20 @@ sub buildOutgoingHiddenForm { my ( $self, $req, $method ) = @_; my @keys = keys %{ $req->{portalHiddenFormValues} }; - # Redirection URL contains query string. Before displaying a form, - # we must set the query string parameters as form fields so they can - # be preserved #2085 + if ( lc $method eq 'get' ) { + my $uri = URI->new( $req->{urldc} ); + my %query_params = $uri->query_form; - my $uri = URI->new( $req->{urldc} ); - my %query_params = $uri->query_form; - if (%query_params) { - $self->logger->debug( + # Redirection URL contains query string. Before displaying a form, + # we must set the query string parameters as form fields so they can + # be preserved #2085 + if (%query_params) { + $self->logger->debug( "urldc contains query parameters, setting them as hidden form values" - ); - $self->clearHiddenFormValue($req); - foreach ( keys %query_params ) { - $self->setHiddenFormValue( $req, $_, $query_params{$_}, "", 0 ); + ); + foreach ( keys %query_params ) { + $self->setHiddenFormValue( $req, $_, $query_params{$_}, "", 0 ); + } } }