grim/containers/reviewboard

de25c03d102f
Parents 915dda3d764e
Children 087d8376a57e
Apply an upstream patch that _should_ solve our login issues
--- a/Dockerfile Wed Mar 22 02:28:06 2023 -0500
+++ b/Dockerfile Wed Mar 22 19:51:47 2023 -0500
@@ -17,6 +17,12 @@
RUN set -ex && \
pip install --no-cache rbjbhub
+# run through our patches
+COPY patches/ /patches/
+RUN set -ex && \
+ cd /venv/lib/python3.8/site-packages/ && \
+ find /patches -type f | sort --numeric-sort | xargs --no-run-if-empty --max-args=1 cat | patch --strip=1
+
FROM docker.io/nginx:1.21 AS nginx
COPY --from=app /venv/lib/python3.8/site-packages/reviewboard/htdocs /var/www/reviewboard/htdocs/
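Review bot: `sort --numeric-sort` in the new `find | sort | xargs` line does not order by the `01-` prefix, because every line starts with `/patches/` and so has no leading number; the result is sort's byte-order fallback, which only gives the intended order while the prefixes stay zero-padded and the files sit in one directory. A plain `sort` states that intent directly. Because these patches rewrite login code inside site-packages, `patch --strip=1 --fuzz=0` would make the build fail when a hunk no longer matches the installed Review Board, instead of letting it apply at a shifted or fuzzy position. With `set -ex` and no `pipefail`, only the exit status of `patch` is checked, so a failure in `find` or `cat` earlier in the pipe would go unnoticed. The package install that decides which Review Board version is patched sits outside this hunk, so it is worth confirming that version is pinned to the one the patch was cut from.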
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/patches/01-redirect-field-name.patch Wed Mar 22 19:51:47 2023 -0500
@@ -0,0 +1,67 @@
+From 014c834a078de2bd923b86a0ccd7ce525264dea1 Mon Sep 17 00:00:00 2001
+From: David Trowbridge <trowbrds@gmail.com>
+Date: Sat, 18 Mar 2023 17:05:09 -0600
+Subject: [PATCH] Plumb through redirect URL when performing SAML autologin.
+
+When an SSO backend is configured to log in automatically, the redirect
+URL was being lost. We already have redirect URLs properly used in the
+SAML login view and SAML handshake, so this just required passing it
+along in the redirect from the login view to the SAML login view.
+
+Testing Done:
+Configured autologin for SAML and accessed /account/preferences/ while
+logged out. Saw that after the SSO flow, I was properly redirected to
+the account settings page rather than the dashboard.
+---
+ reviewboard/accounts/sso/backends/saml/views.py | 1 +
+ reviewboard/accounts/views.py | 13 ++++++++++++-
+ 2 files changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/reviewboard/accounts/sso/backends/saml/views.py b/reviewboard/accounts/sso/backends/saml/views.py
+index b91b732e21..3bcf7b137c 100644
+--- a/reviewboard/accounts/sso/backends/saml/views.py
++++ b/reviewboard/accounts/sso/backends/saml/views.py
+@@ -9,6 +9,7 @@
+ import logging
+
+ from django.conf import settings
++from django.contrib.auth import REDIRECT_FIELD_NAME
+ from django.contrib.auth.models import User
+ from django.contrib.auth.views import LoginView
+ from django.core.cache import cache
+diff --git a/reviewboard/accounts/views.py b/reviewboard/accounts/views.py
+index 0ce6a75935..0b89eb5c3d 100644
+--- a/reviewboard/accounts/views.py
++++ b/reviewboard/accounts/views.py
+@@ -1,4 +1,5 @@
+ import logging
++from urllib.parse import quote
+
+ from django.conf import settings
+ from django.contrib.auth.decorators import login_required
+@@ -13,6 +14,7 @@
+ from django.urls import reverse
+ from django.utils.decorators import method_decorator
+ from django.utils.functional import cached_property
++from django.utils.http import is_safe_url
+ from django.utils.safestring import mark_safe
+ from django.utils.translation import gettext_lazy as _
+ from django.views.decorators.csrf import csrf_protect
+@@ -79,7 +81,16 @@ def dispatch(self, request, *args, **kwargs):
+ if sso_auto_login_backend:
+ try:
+ backend = sso_backends.get('backend_id', sso_auto_login_backend)
+- return HttpResponseRedirect(backend.login_url)
++ login_url = backend.login_url
++
++ redirect_to = self.get_success_url()
++
++ if is_safe_url(url=redirect_to, host=request.get_host()):
++ login_url = '%s?%s=%s' % (login_url,
++ self.redirect_field_name,
++ quote(redirect_to))
++
++ return HttpResponseRedirect(login_url)
+ except sso_backends.ItemLookupError:
+ logging.error('Unable to find sso_auto_login_backend "%s".',
+ sso_auto_login_backend)
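Review bot: The redirect guard added in `dispatch` calls `is_safe_url(url=redirect_to, host=request.get_host())`, and Django removed the `host` keyword from `is_safe_url` in 2.1 in favour of `allowed_hosts`. The Django version under `/venv` is not visible here; if it is 2.1 or later, this call raises `TypeError` on every auto-login request rather than redirecting. The current spelling is `url_has_allowed_host_and_scheme(url=redirect_to, allowed_hosts={request.get_host()}, require_https=request.is_secure())`, which also refuses an `http:` target on an HTTPS request. Since this file is a vendored upstream patch, the fix belongs in a follow-up patch file or an updated upstream commit rather than an edit to this one. `dispatch` begins and ends outside the hunk, so the `except` path was not reviewed beyond the lines shown.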