fix(oidc.class.php): backport from itsmng#241

inc/oidc.class.php

@@ -72,6 +72,16 @@ static function auth()
         if (isset($oidc_db['cert']) && $oidc_db['proxy'] != '' && file_exists($oidc_db['cert'])) {
             $oidc->setCertPath($oidc_db['cert']);
         }
+        if (isset($_REQUEST['redirect'])) {
+            if (isset($_SERVER['HTTPS'])) {
+               $redirect = 'https://';
+            } else {
+               $redirect = 'http://';
+            }
+            $redirect .= $_SERVER['SERVER_NAME'] 
+               . $CFG_GLPI['root_doc'] . '/front/oidc.php?redirect=' . $_REQUEST['redirect'];
+            $oidc->setRedirectURL($redirect);
+         }
         $oidc->setHttpUpgradeInsecureRequests(false);
         try {
             $oidc->authenticate();
@@ -154,7 +164,7 @@ static function auth()
         Session::init($auth);
         $_SESSION['itsm_is_oidc'] = 1;
         $_SESSION['itsm_oidc_idtoken'] = $oidc->getIdToken();
-        Auth::redirectIfAuthenticated();
+        Auth::redirectIfAuthenticated($_REQUEST['redirect']);
     }
 
     /**

index.php

@@ -79,7 +79,8 @@
     }
     $twig_vars["is_activate"] = $is_activate;
     if (isset($_POST["login_oidc"])) {
-        Html::redirect("front/oidc.php");
+        Html::redirect("front/oidc.php"
+            . (isset($_POST['redirect']) ? "?redirect=".Html::entities_deep($_POST['redirect']) : ""));
     }
 }
 

templates/index.twig

@@ -54,6 +54,7 @@
             <form method='post' action='./index.php'>
                 <p class="login_input">
                     <button type='submit' name='login_oidc' class='btn btn-info w-100 h-auto'>{{"SSO Login"|trans}}</button>
+                    <input type='hidden' name='redirect' value='{{redirect}}' />
                     <input type="hidden" name="_glpi_csrf_token" value="{{csrf_token}}">
                 </p>
             </form>