Closed druliner closed 11 months ago
Thanks for all the research. The following worked for me but, like the person who suggested using ->getGeneratedUrl(), I don't know why it works. Replace LoginController.php line 122 with this:
return new TrustedRedirectResponse($this->shibbolethAuthManager->getLoginUrl()->toString()->getGeneratedUrl());
I ran into another error in the login() function with RedirectResponse() after fixing this one, so be on the lookout for that commit as well.
Ugh, now I'm getting a new error: Error: Call to a member function getGeneratedUrl() on string in Drupal\shibboleth\Controller\LoginController->login().
Somehow that wasn't happening in testing with incognito sessions yesterday.
Oh, it may have to do with the Drupal session being active but the Shibboleth session having expired.
"The controller result claims to be providing relevant cache metadata, but leaked metadata was detected. Please ensure you are not rendering content too early. Returned object class: Drupal\Core\Routing\TrustedRedirectResponse." at /data/www/d10core/core/lib/Drupal/Core/EventSubscriber/EarlyRenderingControllerWrapperSubscriber.php line 154', referer: https://idp.u.washington.edu/
Error occurs when user does not yet have a shib session so it can be mitigated by including session request in .htaccess AuthType Shibboleth ShibRequestSetting requireSession 0 ShibRequestSetting redirectToSSL 443 Require shibboleth
Just a guess but suspect the "return new TrustedRedirectResponse" in src/Controller/LoginController.php needs to be handled in a render context:
https://www.drupal.org/forum/support/module-development-and-code-questions/2022-07-20/the-controller-result-claims-to-be-providing-relevant-cache-metadata-but-leaked-metadata-was#comment-14657883
https://www.drupal.org/node/2513810