Merge branch 'fix-oauth-redirection' into 'master'

Fix OAuth provider bug where GitLab would not go return to the redirect_uri after sign-in ### What does this MR do? This MR fixes a bug when GitLab is used as an OAuth provider (e.g. to GitLab CI) where the user is not redirected back to the original URI after a successful sign-in. This MR tweaks the Doorkeeper configuration to set the `user_return_to` Devise session variable, as mentioned in this [Stack Overflow](http://stackoverflow.com/questions/14504739/how-to-use-both-devise-and-doorkeeper-gems) post. ### Why was this MR needed? If you attempt to "Login via GitLab" from GitLab CI and aren't logged out completely, GitLab asks for your username and password. After you login, you get directed to the GitLab dashboard instead of back to GitLab CI. It's easy to reproduce: 1. Set up a GitLab CI and GitLab instance (e.g. ci.gitlab.com, gitlab.com). 2. Start an Incognito Window so that you are logged out of GitLab CI and GitLab. 3. Go to the GitLab CI instance. Click the "Login with GitLab". 4. Enter in your credentials. 5. Watch your browser login to GitLab and not return to GitLab CI. ### What are the relevant issue numbers? Closes #1612 See merge request !998

Merge branch 'fix-oauth-redirection' into 'master'
Fix OAuth provider bug where GitLab would not go return to the redirect_uri after sign-in ### What does this MR do? This MR fixes a bug when GitLab is used as an OAuth provider (e.g. to GitLab CI) where the user is not redirected back to the original URI after a successful sign-in. This MR tweaks the Doorkeeper configuration to set the `user_return_to` Devise session variable, as mentioned in this [Stack Overflow](http://stackoverflow.com/questions/14504739/how-to-use-both-devise-and-doorkeeper-gems) post. ### Why was this MR needed? If you attempt to "Login via GitLab" from GitLab CI and aren't logged out completely, GitLab asks for your username and password. After you login, you get directed to the GitLab dashboard instead of back to GitLab CI. It's easy to reproduce: 1. Set up a GitLab CI and GitLab instance (e.g. ci.gitlab.com, gitlab.com). 2. Start an Incognito Window so that you are logged out of GitLab CI and GitLab. 3. Go to the GitLab CI instance. Click the "Login with GitLab". 4. Enter in your credentials. 5. Watch your browser login to GitLab and not return to GitLab CI. ### What are the relevant issue numbers? Closes #1612 See merge request !998
247609a3 · Stan Hu · 2940263a · 19163f84 · 247609a3 · 247609a3
Commit 247609a3 authored Jul 19, 2015 by Stan Hu
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletion

CHANGELOG CHANGELOG +1 -0

config/initializers/doorkeeper.rb config/initializers/doorkeeper.rb +2 -1

No files found.
--- a/CHANGELOG
+++ b/CHANGELOG
 Please view this file on the master branch, on stable branches it's out of date.

 v 7.14.0 (unreleased)
+  - Fix OAuth provider bug where GitLab would not go return to the redirect_uri after sign-in (Stan Hu)
  - Fix file upload dialog for comment editing (Daniel Gerhardt)
  - Expire Rails cache entries after two weeks to prevent endless Redis growth
  - Add support for destroying project milestones (Stan Hu)

--- a/config/initializers/doorkeeper.rb
+++ b/config/initializers/doorkeeper.rb
@@ -6,7 +6,8 @@ Doorkeeper.configure do
  # This block will be called to check whether the resource owner is authenticated or not.
  resource_owner_authenticator do
    # Put your resource owner authentication logic here.
-    # Example implementation:
+    # Ensure user is redirected to redirect_uri after login
+    session[:user_return_to] = request.fullpath
    current_user || redirect_to(new_user_session_url)
  end