diff --git a/htdocs/core/modules/oauth/generic_oauthcallback.php b/htdocs/core/modules/oauth/generic_oauthcallback.php index 2b47b7f798e..fd3cac893e7 100644 --- a/htdocs/core/modules/oauth/generic_oauthcallback.php +++ b/htdocs/core/modules/oauth/generic_oauthcallback.php @@ -110,7 +110,7 @@ if ($state) { // Add a test to check that the state parameter is provided into URL when we make the first call to ask the redirect or when we receive the callback // but not when callback was ok and we recall the page -if ($action != 'delete' && !GETPOSTINT('afteroauthloginreturn') && (empty($statewithscopeonly) || empty($requestedpermissionsarray))) { +if ($action != 'delete' && !GETPOST('afteroauthloginreturn') && (empty($statewithscopeonly) || empty($requestedpermissionsarray))) { dol_syslog("state or statewithscopeonly and/or requestedpermissionsarray are empty"); setEventMessages($langs->trans('ScopeUndefined'), null, 'errors'); if (empty($backtourl)) { @@ -382,7 +382,7 @@ if (!GETPOST('code') && !GETPOST('error')) { // If call back to this url was for a OAUTH2 login if ($forlogin) { // _SESSION['genericoauth_receivedlogin'] has been set to the key to validate the next test by function_genericoauth(), so we can make the redirect - $backtourl .= '?actionlogin=login&afteroauthloginreturn=1&mainmenu=home'.($username ? '&username='.urlencode($username) : '').'&token='.newToken(); + $backtourl .= '?actionlogin=login&afteroauthloginreturn=generic&mainmenu=home'.($username ? '&username='.urlencode($username) : '').'&token='.newToken(); if (!empty($tmparray['entity'])) { $backtourl .= '&entity='.$tmparray['entity']; } diff --git a/htdocs/core/modules/oauth/google_oauthcallback.php b/htdocs/core/modules/oauth/google_oauthcallback.php index 924b78bc07f..7584f781f9a 100644 --- a/htdocs/core/modules/oauth/google_oauthcallback.php +++ b/htdocs/core/modules/oauth/google_oauthcallback.php @@ -114,7 +114,7 @@ if ($state) { // Add a test to check that the state parameter is provided into URL when we make the first call to ask the redirect or when we receive the callback // but not when callback was ok and we recall the page -if ($action != 'delete' && !GETPOSTINT('afteroauthloginreturn') && (empty($statewithscopeonly) || empty($requestedpermissionsarray))) { +if ($action != 'delete' && !GETPOST('afteroauthloginreturn') && (empty($statewithscopeonly) || empty($requestedpermissionsarray))) { dol_syslog("state or statewithscopeonly and/or requestedpermissionsarray are empty"); setEventMessages($langs->trans('ScopeUndefined'), null, 'errors'); if (empty($backtourl)) { @@ -372,7 +372,7 @@ if (!GETPOST('code')) { // If call back to this url was for a OAUTH2 login if ($forlogin) { // _SESSION['googleoauth_receivedlogin'] has been set to the key to validate the next test by function_googleoauth(), so we can make the redirect - $backtourl .= '?actionlogin=login&afteroauthloginreturn=1&mainmenu=home'.($username ? '&username='.urlencode($username) : '').'&token='.newToken(); + $backtourl .= '?actionlogin=login&afteroauthloginreturn=google&mainmenu=home'.($username ? '&username='.urlencode($username) : '').'&token='.newToken(); if (!empty($tmparray['entity'])) { $backtourl .= '&entity='.$tmparray['entity']; } diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index d4ee7925109..5c8e3bb9782 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -983,7 +983,7 @@ if (!defined('NOLOGIN')) { if (GETPOST('beforeoauthloginredirect') == $oauthmodetotest || GETPOST('afteroauthloginreturn') == $oauthmodetotest) { continue; } - dol_syslog("User did not click on link for OAuth, or is not on the OAuth return, so we disable check using ".$oauthmodetotest); + dol_syslog("User did not click on link for OAuth mode ".$oauthmodetotest.", param beforeoauthloginredirect is ".GETPOST('beforeoauthloginredirect')." and param afteroauthloginreturn is ".GETPOST('afteroauthloginreturn')." so we disable check of login for mode ".$oauthmodetotest); foreach ($authmode as $tmpkey => $tmpval) { if ($tmpval == $oauthmodetotest.'oauth') { unset($authmode[$tmpkey]);