Contrib.social

Controller should use \Drupal\Core\Url to build "destination" instead of doing so manually

Open on Drupal.org →
Created on 30 July 2025, 17 days ago

Problem/Motivation

The SSO controller has this:

  protected function login(): RedirectResponse {
    $_SESSION['discourse_sso_sig'] = $this->sig;
    $_SESSION['discourse_sso_payload'] = $this->payload;

    $options = [
      'query' => ['destination' => 'discourse_sso?sso=' . $this->payload . '&sig=' . $this->sig],
      'absolute' => TRUE,
    ];
    return $this->redirect('user.login', [], $options);
  }

There are multiple problems with how the destination is built like this:

  1. It hard-codes path instead of the route which doesn't take the site's base URL or path into account.
  2. It's building the query manually instead of letting Drupal build it

Steps to reproduce

👀

Proposed resolution


  protected function login(): RedirectResponse {
    $_SESSION['discourse_sso_sig'] = $this->sig;
    $_SESSION['discourse_sso_payload'] = $this->payload;

    $url = Url::fromRoute('discourse_sso.sso', [], [
      'sso' => $this->payload,
      'sig' => $this->sig,
    ]);

    $options = [
      'query' => ['destination' => $url->toString()],
      'absolute' => TRUE,
    ];
    return $this->redirect('user.login', [], $options);
  }

Remaining tasks

See above.

User interface changes

None.

API changes

None.

Data model changes

None.

Feature request
Status

Active

Version

2.0

Component

Code

Created by

🇨🇦Canada ambient.impact Toronto

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024