Closed simongray closed 2 years ago
So I seem to have discovered the real reason why this doesn't work. The KU Identity Provider (id.ku.dk) does a man-in-the-middle decoding of the RelayState before passing it on to WAYF, turning
RelayState: https://glossematics.dk/app/search?limit=10&offset=0&correspondent=%23np56%2C%23np145
into
RelayState: https://glossematics.dk/app/search?limit=10&offset=0&correspondent=#np56,#np145
super annoying.
I think I better encode in a different way that isn't susceptible to sudden "accidental" encoding/decoding issues.
In the end I went with a "URI-encoding-friendly" version of base64 encoding instead. This solution encodes the URI in a way such that any amount of subsequent URI-encodings/decodings will make no difference.
When clicking a search result in a logged out state, the query params of the RelayState aren't URL-encoded so the following occurs:
Since the
#np33,#np40
isn't encoded, the relay URL becomes:https://glossematics.dk/app/search?correspondent=
which bugs out.