knpuniversity / oauth2-client-bundle

Easily talk to an OAuth2 server for social functionality in Symfony
https://symfonycasts.com
MIT License

Redirect to previous page #383

Closed JeremyPasco closed 1 year ago

JeremyPasco commented 1 year ago

Hi, I know this has been debated previously in different issues but I can't make it work based on previous issues. Here is my scenario: I want to redirect a user to the last page he visited before login.

In issue #73 you spoke about TargetPathTrait, which implies creating a session to keep track of the last page before/after OAuth2. My app is fully stateless and I'd like to avoid creating a session for such a thing.

Can I use redirect_params or another field that I could gather from the callback? Therefore:

1) My app sends the user to the OAuth server with metadata (including the page to which I'd like to redirect)
2) The OAuth server sends the user to the callback URL with this metadata
3) From the callback, I forge a RedirectResponse that will use this metadata

I can't find a way to put such data in the flow, am I missing something?

weaverryan commented 1 year ago

I think you might be able to specify a completely custom redirect_uri (like, generate it yourself and add whatever extra stuff you want) and pass it as the 2nd arg to redirect - e.g.

return $clientRegistry
    ->getClient('facebook_main') // key used in config/packages/knpu_oauth2_client.yaml
    ->redirect([
        'public_profile', 'email' // the scopes you want to access
    ], [
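        // redirect_uri must be an absolute URL; UrlGeneratorInterface lives in Symfony\Component\Routing\Generator
        'redirect_uri' => $this->generateUrl('connect_facebook_check', ['previous_url' => $something], UrlGeneratorInterface::ABSOLUTE_URL)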
    ]);

Let me know if that helps :)

MLukman commented 1 year ago

The suggestion by @weaverryan to include the previous URL in the redirect_uri will only work for OAuth providers that are not strict about redirect_uri exact spelling.

Another alternative is to use the state parameter during the redirection to the provider's authorization URL and later read it back inside the onAuthenticationSuccess() method (which obviously means you need to create and use a subclass of KnpU\OAuth2ClientBundle\Security\Authenticator\OAuth2Authenticator).
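
A stateless take on the state-parameter idea in the comment above, added here as an example and not code from the thread or from the bundle: the return path is checked to be a same-site path, signed with HMAC, and verified again on the callback so it cannot be turned into an open redirect. All function names and the secret are hypothetical; how the value is handed to the provider as `state` and read back in the authenticator is left to the integration.

```php
<?php
declare(strict_types=1);

// Added example. Function names, the secret and the sample paths are hypothetical.

function b64url(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

// Accept only same-site paths: one leading "/", never "//" or "/\", no backslashes or control bytes.
function isLocalPath(string $path): bool
{
    return preg_match('#^/(?![/\\\\])[^\\\\\x00-\x1f]*\z#u', $path) === 1;
}

// Build the value to send as "state": base64url(JSON payload) + "." + base64url(HMAC-SHA256).
function encodeState(string $returnPath, string $secret, int $ttl = 600): string
{
    $path = isLocalPath($returnPath) ? $returnPath : '/'; // unsafe targets fall back to the home page
    $payload = b64url(json_encode(['p' => $path, 'exp' => time() + $ttl]));
    return $payload . '.' . b64url(hash_hmac('sha256', $payload, $secret, true));
}

// Return the verified path, or null when the value is malformed, tampered with or expired.
// The signature protects the path only; it does not bind the state to one browser.
function decodeState(string $state, string $secret): ?string
{
    $parts = explode('.', $state);
    if (count($parts) !== 2) {
        return null;
    }
    [$payload, $mac] = $parts;
    if (!hash_equals(b64url(hash_hmac('sha256', $payload, $secret, true)), $mac)) {
        return null;
    }
    $data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
    if (!is_array($data) || !is_string($data['p'] ?? null) || !is_int($data['exp'] ?? null)) {
        return null;
    }
    return ($data['exp'] >= time() && isLocalPath($data['p'])) ? $data['p'] : null;
}

// Constructed demo values.
$secret = 'demo-secret-not-for-production';
$state = encodeState('/articles/42?tab=comments', $secret);
var_dump(decodeState($state, $secret));       // untouched round trip
var_dump(decodeState($state . 'x', $secret)); // altered signature
var_dump(decodeState(encodeState('//attacker.example/', $secret), $secret)); // off-site target
```

The same `isLocalPath()` check applies to a `previous_url` query parameter carried in `redirect_uri`, since that value is equally attacker-controllable when it reaches the callback.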

weaverryan commented 1 year ago

Actually, you made me wonder about another solution: you could store the previous URL anywhere in the session, then read that later from the session, right?

$session->set('previous_url', $something);

return $clientRegistry
    ->getClient('facebook_main') // key used in config/packages/knpu_oauth2_client.yaml
    ->redirect([
        'public_profile', 'email' // the scopes you want to access
    ]);

Then read this out later from wherever you need it?

MLukman commented 1 year ago

The OP specifically mentioned that he wants to avoid creating a session. Otherwise, for such a multi-request flow like OAuth2, using sessions should be the simplest solution since there's already TargetPathTrait.

weaverryan commented 1 year ago

Of course - I forgot about that requirement!

Anyways, we have some ideas, so I'll close this now.

kasali commented 1 year ago

Hi there, this is the error I'm getting now. I have an error in the redirect method (2 arguments required), but when I click the button "connect with Facebook" it redirects me to the Facebook page check but with a blank page. What's wrong?