Vanilla Drupal lands a user on their user page upon successful authentication. While saml_sp_login allows an admin to designate where an authenticated user should be redirected upon visiting the login page, there's no option for where an anonymous user should be redirected upon successful authentication. The saml_sp_drupal_login module delivers authenticated users to unless the returnTo query parameter is set.
1. Install Drupal
2. Go to /user (which redirects to /user/login)
3. Login successfully
4. Land at /user/[uid]
5. Install and configure saml_sp
6. Log out
7. Go to /user (which redirects to /user/login which redirects to /saml/drupal_login/[idp])
8. Login successfully
9. Land at
10. Go to /user/login (which redirects to /saml/drupal_login/[idp] which redirects to the config value of the logged_in_redirect config, "Authenticated User Redirect" at /admin/config/people/saml_sp/login)
Add an "Unauthenticated User Redirect" option to /admin/config/people/saml_sp/login that is used when the returnTo query parameter is not set.
Config field added to /admin/config/people/saml_sp/login
Needs review
4.0
Code
New patch to account for specified routes as well as URLs.
From #3:
New patch to account for specified routes as well as URLs.
This returns them as strings to avoid TypeError: urlencode(): Argument #1 ($string) must be of type string, Drupal\Core\Url given error. π