jbbarth / redmine_omniauth_cas

CAS authentication plugin for Redmine through OmniAuth
MIT License
19 stars 14 forks

Error 500 - Invalid CAS ticket when redirect URL Contains Query Params #24

Open timo-lingnau opened 3 years ago

timo-lingnau commented 3 years ago

Hello, thanks for the amazing plugin <3 When the URL contains query params, for example myredmine.com/issues?query_id=108, I'm getting redirected to the error page after authentication:

500 An invalid CAS ticket was specified, it may have expired. Please try authenticating in again.

After reloading the page I am getting redirected to the correct page and everything works fine. Any suggestions?

Regards linogfant

lublasco commented 3 years ago

Hi, same problem here. Any explanation or solution for this issue would be great.

Environment:
  Redmine version    4.1.2.stable.20948
  Ruby version       2.5.8-p224 (2020-03-31) [x86_64-linux-gnu]
  Rails version      5.2.5
  Environment        production
  Database adapter   Mysql2
  Mailer queue       ActiveJob::QueueAdapters::AsyncAdapter
  Mailer delivery    smtp
SCM:
  Subversion         1.10.6
  Git                2.26.2
  Filesystem
  GitRemote          2.26.2

Plugin version: redmine_omniauth_cas 3.3.0

timo-lingnau commented 3 years ago

Hey!

For us the bug was actually located in the CASino server. The URL contains an https but the ticket.service is a cleaned URL without https. So you need to take that comparison into account.

We did that by editing:
casino-4.1.2/app/processors/casino/service_ticket_processor.rb
Method: validate_existing_ticket_for_service(ticket, service, options = {})
Line 75, 76

Old: elsif service != ticket.service
New: elsif service != ticket.service && ("https://#{service}" != ticket.service)

Does that help you?

Regards Timo
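
The service comparison discussed in this thread, as an added example that is not part of the thread or of CASino's code: instead of chaining string comparisons, canonicalize both service URLs and compare them once, so the scheme-less form matches its https form while a different scheme, host or query string is still rejected. `canonical_service` and `same_service?` are hypothetical names, the URLs are constructed samples, and treating a scheme-less value as https is an assumption taken from the workaround above.

```ruby
require "uri"

# Added example, not CASino or plugin code; names are hypothetical.
# Returns a canonical string for a CAS service URL, or nil if it is unusable.
def canonical_service(raw)
  value = raw.to_s.strip
  return nil if value.empty?
  # Assumption from the thread's workaround: a scheme-less value means https.
  value = "https://#{value}" unless value.match?(%r{\A[a-z][a-z0-9+.\-]*://}i)
  uri = URI.parse(value)
  # Accept http/https only, and require a host.
  return nil unless uri.is_a?(URI::HTTP) && !uri.host.to_s.empty?
  port  = uri.port == uri.default_port ? "" : ":#{uri.port}"
  path  = uri.path.empty? ? "/" : uri.path
  query = uri.query ? "?#{uri.query}" : ""
  "#{uri.scheme.downcase}://#{uri.host.downcase}#{port}#{path}#{query}"
rescue URI::InvalidURIError
  nil
end

# True only when both values canonicalize to the same URL.
def same_service?(presented, issued)
  a = canonical_service(presented)
  !a.nil? && a == canonical_service(issued)
end

if __FILE__ == $0
  issued = "https://myredmine.example/issues?query_id=108" # constructed sample
  [
    "myredmine.example/issues?query_id=108",         # scheme-less form
    "https://MyRedmine.example:443/issues?query_id=108",
    "http://myredmine.example/issues?query_id=108",  # scheme differs
    "https://myredmine.example/issues?query_id=109"  # query differs
  ].each { |s| puts "#{s.inspect} => #{same_service?(s, issued)}" }
end
```
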

lublasco commented 3 years ago

Hey Timo, thanks a lot for your reply!

You mean that the change has to be done in the cas server, not in the plugin or Redmine application?

Luis

timo-lingnau commented 3 years ago

Yes. You can see in the log that the plugin is working fine. The CASino server is generating that error.

lublasco commented 3 years ago

I see. Thanks a lot for your help!