@cjsingle

I failed to mention the area where the SSOService.php code leads to that the IDP-initiated login goes to:

simplesamlphp/simplesamlphp/modules/saml/src/IdP/SAML2.php

/**
* Receive an authentication request.
*
* @param \SimpleSAML\IdP $idp The IdP we are receiving it for.
* @throws \SimpleSAML\Error\BadRequest In case an error occurs when trying to receive the request.
*/
public static function receiveAuthnRequest(IdP $idp): void
{

after completing that function it does perform a redirect to:
https://my.site.com/user?ReturnTo=https%3A%2F%2Fmy.site.com%2Fsimplesaml...

This looks to me like maybe the cookie isn't really needed, but may have been more reliable than the Query param method.

It looks like the ReturnTo is just lost when Drupal redirects from https://my.site.com/user to https://my.site.com/users/myuser.

In some ways I think this is related to ticket:
https://www.drupal.org/project/drupalauth4ssp/issues/3228805 💬 How to use with for tfa (two factor authentication aka 2fa) Needs review

Except in this case the user is already logged on and instead of two-factor interrupting the process the redirect from user? to users/myuser loses the ReturnTo information.

cjsingle → created an issue.

@jacov #18 was solved my issue also using RHEL.

Hello @briantschu,

Upon applying this update I recieved the following error:

TypeError: Cannot access offset of type string on string in _password_policy_user_profile_form_validate() (line 207 of modules/contrib/password_policy/password_policy.module).

_password_policy_user_profile_form_validate(Array, Object)
call_user_func_array('_password_policy_user_profile_form_validate', Array) (Line: 82)
Drupal\Core\Form\FormValidator->executeValidateHandlers(Array, Object) (Line: 275)
Drupal\Core\Form\FormValidator->doValidateForm(Array, Object, 'user_form') (Line: 118)
Drupal\Core\Form\FormValidator->validateForm('user_form', Array, Object) (Line: 593)
Drupal\Core\Form\FormBuilder->processForm('user_form', Array, Object) (Line: 325)
Drupal\Core\Form\FormBuilder->buildForm(Object, Object) (Line: 73)
Drupal\Core\Controller\FormController->getContentResult(Object, Object)
call_user_func_array(Array, Array) (Line: 123)
Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->Drupal\Core\EventSubscriber\{closure}() (Line: 580)
Drupal\Core\Render\Renderer->executeInRenderContext(Object, Object) (Line: 124)
Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->wrapControllerExecutionInRenderContext(Array, Array) (Line: 97)
Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->Drupal\Core\EventSubscriber\{closure}() (Line: 169)
Symfony\Component\HttpKernel\HttpKernel->handleRaw(Object, 1) (Line: 81)
Symfony\Component\HttpKernel\HttpKernel->handle(Object, 1, 1) (Line: 58)
Drupal\Core\StackMiddleware\Session->handle(Object, 1, 1) (Line: 48)
Drupal\Core\StackMiddleware\KernelPreHandle->handle(Object, 1, 1) (Line: 106)
Drupal\page_cache\StackMiddleware\PageCache->pass(Object, 1, 1) (Line: 85)
Drupal\page_cache\StackMiddleware\PageCache->handle(Object, 1, 1) (Line: 50)
Drupal\ban\BanMiddleware->handle(Object, 1, 1) (Line: 48)
Drupal\Core\StackMiddleware\ReverseProxyMiddleware->handle(Object, 1, 1) (Line: 51)
Drupal\Core\StackMiddleware\NegotiationMiddleware->handle(Object, 1, 1) (Line: 23)
Stack\StackedHttpKernel->handle(Object, 1, 1) (Line: 718)
Drupal\Core\DrupalKernel->handle(Object) (Line: 19)

Would you be able to provide any additional insight here?