Nicola Scendoni created SLING-12993:
---------------------------------------

             Summary: Support oidc_request_path Parameter in OIDC 
Authentication Handler
                 Key: SLING-12993
                 URL: https://issues.apache.org/jira/browse/SLING-12993
             Project: Sling
          Issue Type: Improvement
          Components: Extensions
            Reporter: Nicola Scendoni


Currently, the *OIDC Authentication Handler* redirects the user to the 
originally requested resource after successful authentication. This is 
typically the URL that triggered the authentication challenge (e.g., a 
protected page).

However, there are use cases where the login process is triggered *from a 
public page* (e.g., a “Login” button on a homepage or marketing site) and the 
user is *expected to return to that same page* after authentication — not 
necessarily the protected resource that initiated the OIDC login flow.

h4. *Use Case*

Example scenario:
 * A user browses a *public page* (e.g., /content/public/home.html).

 * They click a “Sign In” button that triggers 
/system/sling/login?resource=/content/secure/dashboard.html to start the OIDC 
login.

 * After successful login, they are redirected to 
/content/secure/dashboard.html.

 * However, for this case, we might prefer to redirect the user *back to the 
public page* they started from, e.g., /content/public/home.html.

h4. *Proposed Enhancement*

Introduce an *optional request parameter* named oidc_request_path.
 * *Parameter name:* oidc_request_path

 * *Type:* String (URL or path)

 * *Usage:* When present in the initial OIDC login request, this value 
overrides the default post-login redirect path.

Remark: the redirect URL must be validated to be a relative URL.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
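
The closing remark about validating the redirect target, shown as an added example that is not part of the issue or of Sling's code: a check that honours oidc_request_path only when it is a same-site path and otherwise falls back to the default target. The class and method names are hypothetical and the sample inputs are constructed.

```java
import java.net.URI;
import java.net.URISyntaxException;

public class OidcRequestPathCheck {

    // Hypothetical helper: use the parameter only if it passes validation.
    static String resolveRedirect(String oidcRequestPath, String defaultPath) {
        return isSameSitePath(oidcRequestPath) ? oidcRequestPath : defaultPath;
    }

    static boolean isSameSitePath(String value) {
        // Must be a path reference starting with exactly one '/'.
        if (value == null || !value.startsWith("/") || value.startsWith("//")) {
            return false; // "//host/path" is scheme-relative and leaves the site
        }
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            // Browsers treat a backslash like '/' and drop tab, CR and LF, so
            // either can turn the value into "//host"; CR/LF also splits headers.
            if (c == '\\' || c < 0x20 || c == 0x7f) {
                return false;
            }
        }
        try {
            URI uri = new URI(value);
            // A relative reference carries neither a scheme nor an authority.
            return uri.getScheme() == null && uri.getRawAuthority() == null;
        } catch (URISyntaxException e) {
            return false; // unparsable input is never used as a redirect target
        }
    }

    public static void main(String[] args) {
        String defaultPath = "/content/secure/dashboard.html"; // from the issue's scenario
        String[] samples = {                                    // constructed inputs
            "/content/public/home.html",
            "/content/public/home.html?tab=news",
            "https://other.example/home.html",
            "//other.example/home.html",
            "/\\other.example/home.html",
            "/\t/other.example/home.html",
            "content/public/home.html",
            null
        };
        for (String s : samples) {
            System.out.println(s + " -> " + resolveRedirect(s, defaultPath));
        }
    }
}
```

Values without a leading slash are rejected here for simplicity, since resolving them depends on the URL of the page that issued the request.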