Use OAuthProxy.GetRedirect in /sign_in, honoring the 'rd' query parameter (#405)

* Use OAuthProxy.GetRedirect in /sign_in, honoring the 'rd' query parameter

* CHANGELOG.md - Add a changelog entry for #405

CHANGELOG.md

@@ -16,6 +16,7 @@
 - [#363](https://github.com/pusher/oauth2_proxy/pull/363) Extension of Redis Session Store to Support Redis Cluster (@yan-dblinf)
 - [#353](https://github.com/pusher/oauth2_proxy/pull/353) Fix login page fragment handling after soft reload on Firefox (@ffdybuster)
 - [#355](https://github.com/pusher/oauth2_proxy/pull/355) Add Client Secret File support for providers that rotate client secret via file system (@pasha-r)
+- [#405](https://github.com/pusher/oauth2_proxy/pull/405) The `/sign_in` page now honors the `rd` query parameter, fixing the redirect after a successful authentication (@ti-mo)
 
 # v5.0.0
 

oauthproxy.go

@@ -446,12 +446,15 @@ func (p *OAuthProxy) SignInPage(rw http.ResponseWriter, req *http.Request, code
 	p.ClearSessionCookie(rw, req)
 	rw.WriteHeader(code)
 
-	redirecURL := req.URL.RequestURI()
+	redirectURL, err := p.GetRedirect(req)
-	if req.Header.Get("X-Auth-Request-Redirect") != "" {
+	if err != nil {
-		redirecURL = req.Header.Get("X-Auth-Request-Redirect")
+		logger.Printf("Error obtaining redirect: %s", err.Error())
+		p.ErrorPage(rw, 500, "Internal Error", err.Error())
+		return
 	}
-	if redirecURL == p.SignInPath {
+
-		redirecURL = "/"
+	if redirectURL == p.SignInPath {
+		redirectURL = "/"
 	}
 
 	t := struct {
@@ -466,7 +469,7 @@ func (p *OAuthProxy) SignInPage(rw http.ResponseWriter, req *http.Request, code
 		ProviderName:  p.provider.Data().ProviderName,
 		SignInMessage: p.SignInMessage,
 		CustomLogin:   p.displayCustomLoginForm(),
-		Redirect:      redirecURL,
+		Redirect:      redirectURL,
 		Version:       VERSION,
 		ProxyPrefix:   p.ProxyPrefix,
 		Footer:        template.HTML(p.Footer),