-
Notifications
You must be signed in to change notification settings - Fork 160
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
changing callback_path to callback_url to account for relative root url #16
base: master
Are you sure you want to change the base?
Conversation
I believe you can set custom :callback_path option to /subdirectory/auth/ldap/callback :callback_path and :request_path are part of omniauth base strategy, which ldap has included |
Has anyone figured how to resolve this? Including the sub URI in the |
TL;DR: this PR does look like a correct solution, are there are any reasons not to merge it in? |
I just ran into this. Tried to work around it by forcing the callback_path but |
@jmccann I've ran into the same issue -- the I was able to make it work by doing something like this: module OmniAuthLDAPExt
def request_phase
@callback_path = nil # latest version caches callback path
path = options[:callback_path]
options[:callback_path] = callback_url
form = super
options[:callback_path] = path
form
end
end
module OmniAuth
module Strategies
class LDAP
prepend OmniAuthLDAPExt
end
end
end |
@aldanor Thanks! I'm testing monkeypatching in the fix right now doing the following as part of my setup: module OmniAuth
module Strategies
class LDAP
def request_phase
OmniAuth::LDAP::Adaptor.validate @options
f = OmniAuth::Form.new(:title => (options[:title] || "LDAP Authentication"), :url => callback_url)
f.text_field 'Login', 'username'
f.password_field 'Password', 'password'
f.button "Sign In"
f.to_response
end
end
end
end |
@jmccann it's pretty much the same, I just wanted to avoid copying/pasting all the form code, hence using |
This issue still persists...looks like this PR is not going to get merged anytime soon? |
When an app is deployed to a subdirectory of the webroot, so that the root url is like http://host/subdirectory, the authentication callback fails, since callback_path is passed as the action to the form, which causes the user to be directed to http://host/auth/ldap/callback.
This fix passes callback_url as the action to the form so that the form action is the full url: http://host/subdirectory/auth/ldap/callback for applications deployed to a subdirectory, or http://host/auth/ldap/callback for applications deployed in the host's webroot.