Google/OIDC login doesn't navigate user back to original path
The user can copy the wb2 path (a project or collection) from the URL bar and send it to another user. The 2nd user clicks on it, but need to log in. After the user logs in, they are shown the default starting view, not the project or collection they intended to visit.
Fixing this will make it easier for users to share URLs to collections, as well as making the implementation of "copy to clipboard" and "open in new tab" for projects/collections much simpler.
This happens because the AuthService.login (src/services/auth-service/auth-service.ts) method does not record the path that the user intended to navigate to. It sends the user to the 3rd party login, and the token is returned by redirecting the browser to the /token endpoint, which saves the token, and then the user is shown the default page.
The login method should provides a means of returning to the desired location. This means stashing the current path and query parameters in one of two places:
- embedded in the URL that will be sent to the login server as return_to.
The way return_to is used is that the upstream Arvados API server redirects the browser to the URL in "return_to" and adds "api_token=xxx" query parameter. This would require check for "api_token" in the query during initialization and not just when navigating to the "token" endpoint.
- browser storage (session storage?) so that when returning to the page, it restores the original path and query.
#4 Updated by Daniel Kutyła 4 months ago
New version first commit: https://dev.arvados.org/projects/arvados-workbench-2/repository/revisions/f8c0598de3b7b55df719b6b5519d044ca256f367
Test run: https://ci.arvados.org/job/developer-tests-workbench2/170/
Fix for post login redirect url
#6 Updated by Peter Amstutz 4 months ago
It wasn't working consistently. Sometimes it would go to the correct page, sometimes it wouldn't.
On investigation, and it seems like setting
window.location.href causes a page reload, and there is some kind of race condition where on the reload it would sometimes call ApiToken.componentDidMount leading to calling getTargetURL() again, but on the second time it would come back as null, so it then it would call navigateToRootProject. But this doesn't happen consistently.
I fixed this by calling replace() from react-redux-router, which doesn't trigger a page reload. I also changed the value stored in TargetURL to be just the path and query string.
17101-login-doesnt-navigate-user-back-to-original-path @ arvados-workbench2|54e734a4074911ce516a65c7195c84ad523adc75
Take a look at my changes and if you don't have any issues with it, please merge.
#7 Updated by Daniel Kutyła 4 months ago
- % Done changed from 0 to 100
- Status changed from In Progress to Resolved
Applied in changeset arvados-workbench2|c28f185b9bf6a46bf02efd4a06439d14f09d6b8b.