Redirect to original URL after oauth login

Hi, I have the same problem as this old, closed issue:

I’m not good at touching code, and after one year I think that this issue has now been changed and fixed.
I’m using version 1.2.8 of kanban.

When I try to log in I come back to the login page, but if I try 3-6 times then my board appears.
I didn’t find much info in my nginx logs:

87.148.84.329 - - [24/May/2019:12:00:06 +0000] "GET /?controller=BoardAjaxController&action=check&plugin=Bigboard&project_id=45&timestamp=1558697645&_=1558697646805 HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
85.138.85.279 - - [24/May/2019:12:00:16 +0000] "GET /?controller=BoardAjaxController&action=check&plugin=Bigboard&project_id=45&timestamp=1558697645&_=1558697646806 HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"

Firefox inspect mode:

/?controller=AuthController&action=check 302
/?controller=DashboardController&action=show 302

And my OAuthController.php looks like this:

(0) # cat OAuthController.php 
<?php

namespace Kanboard\Controller;

use Kanboard\Core\Security\OAuthAuthenticationProviderInterface;

/**
 * OAuth Controller
 *
 * @package  Kanboard\Controller
 * @author   Frederic Guillot
 */
class OAuthController extends BaseController
{
    /**
     * Redirect to the provider if no code received
     *
     * @access private
     * @param string $provider
     */
    protected function step1($provider)
    {
        $code = $this->request->getStringParam('code');
        $state = $this->request->getStringParam('state');

        if (! empty($code)) {
            $this->step2($provider, $code, $state);
        } else {
            $this->response->redirect($this->authenticationManager->getProvider($provider)->getService()->getAuthorizationUrl());
        }
    }

    /**
     * Link or authenticate the user
     *
     * @access protected
     * @param string $providerName
     * @param string $code
     * @param string $state
     */
    protected function step2($providerName, $code, $state)
    {
        $provider = $this->authenticationManager->getProvider($providerName);
        $provider->setCode($code);
        $hasValidState = $provider->getService()->isValidateState($state);

        if ($this->userSession->isLogged()) {
            if ($hasValidState) {
                $this->link($provider);
            } else {
                $this->flash->failure(t('The OAuth2 state parameter is invalid'));
                $this->response->redirect($this->helper->url->to('UserViewController', 'external', array('user_id' => $this->userSession->getId())));
            }
        } else {
            if ($hasValidState) {
                $this->authenticate($providerName);
            } else {
                $this->authenticationFailure(t('The OAuth2 state parameter is invalid'));
            }
        }
    }

    /**
     * Link the account
     *
     * @access protected
     * @param  OAuthAuthenticationProviderInterface $provider
     */
    protected function link(OAuthAuthenticationProviderInterface $provider)
    {
        if (! $provider->authenticate()) {
            $this->flash->failure(t('External authentication failed'));
        } else {
            $this->userProfile->assign($this->userSession->getId(), $provider->getUser());
            $this->flash->success(t('Your external account is linked to your profile successfully.'));
        }

        $this->response->redirect($this->helper->url->to('UserViewController', 'external', array('user_id' => $this->userSession->getId())));
    }

    /**
     * Unlink external account
     *
     * @access public
     */
    public function unlink()
    {
        $backend = $this->request->getStringParam('backend');
        $this->checkCSRFParam();

        if ($this->authenticationManager->getProvider($backend)->unlink($this->userSession->getId())) {
            $this->flash->success(t('Your external account is not linked anymore to your profile.'));
        } else {
            $this->flash->failure(t('Unable to unlink your external account.'));
        }

        $this->response->redirect($this->helper->url->to('UserViewController', 'external', array('user_id' => $this->userSession->getId())));
    }

    /**
     * Authenticate the account
     *
     * @access protected
     * @param string $providerName
     */
    protected function authenticate($providerName)
    {
        if ($this->authenticationManager->oauthAuthentication($providerName)) {
            $this->redirectAfterLogin();
        } else {
            $this->authenticationFailure(t('External authentication failed'));
        }
    }

    /**
     * Show login failure page
     *
     * @access protected
     * @param  string $message
     */
    protected function authenticationFailure($message)
    {
        $this->response->html($this->helper->layout->app('auth/index', array(
            'errors' => array('login' => $message),
            'values' => array(),
            'no_layout' => true,
            'title' => t('Login')
        )));
    }
}

I already did a systemctl restart of nginx and php-fpm.

Can someone help me please?

This just started happening or recently?

Not sure… since today and I installed it one month ago

Wondering, do you have any plugins you recently installed?

Not me, but I’m not the only admin.
But after executing ls -lc in the plugins folder I can see:

4.0K drwxr-sr-x 10 www-data www-data 4.0K May 23 17:06 Customizer
4.0K drwxr-sr-x 8 www-data www-data 4.0K May 23 17:04 Milestone

P.S. I have Bigboard with root as owner… it’s OK, right?

4.0K drwxr-sr-x 10 www-data www-data 4.0K May 23 17:06 Customizer

I was suspecting Customizer, you just confirmed it.

Try version 1.11.1 vs 1.11.2, I would imagine the issue will disappear, if not, then it’s not Customizer.

Sorry, I never tested it with an oauth…so I am hoping it’s not the issue, but if it is, then I may have to rethink that last update.

It would be this code:

I needed a way to force a redirect once and then force to login on the second, because it wasn’t picking up the user id when returning from a closed browser…I diddled with that thought process pretty long, but never even considered with oauth, well open to suggestions.

But I compared your Customize php with mine and they are exactly the same.
Or are you just showing me where the mistake is?
I don’t understand much about scripts, sorry… I will try to downgrade it anyway.
Thanks

I was just showing you the likely cause. Try downgrading to 1.11.1, that code won’t be in that release.

Hi, sorry, I left this problem until today, and now that I wanted to download the 1.11.1 version I see that there is now a 1.11.3 version with:
revisions were causing an infinite loop on some installs
Reverting to prevent infinite loop

Do you know if that was my case, or is it about another thing?
Anyway, how can I install a plugin? The other admin is on holiday :stuck_out_tongue:
Just unzip and paste all the files into the Customizer directory?
Thanks
Regards

Well, finally I downloaded the latest one, 1.11.3, because you are the developer (I didn’t see it before) and the update is from just 1 hour ago.
I simply did unzip, copy and paste, and it works very well.

Thank you very much :slight_smile:

P.S. I forgot the owner of the files for Customizer. Is it www-data or root? I put www-data.

Someone using LDAP Auth had a similar issue, so I decided to revert to 1.11.1, so technically 1.11.3 is identical to 1.11.1, but for the sake of there being no downgrade feature in Kanboard’s plugin directory, I made a 1.11.3.

There are no redirects coming from Customizer at this point, so any login redirects would no longer be related to Customizer.

www-data should be sufficient.

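To check whether clients are still being bounced between the login check and the dashboard after a plugin change, the nginx access log can be scanned for runs of 302 responses on the two requests seen in the Firefox trace above. This is an added example, not code from the thread or from Kanboard; the sample log lines are constructed, and the `min_bounces` threshold and the helper names are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# nginx "combined" format: ip - user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3}) ')
# Controller/action pairs from the Firefox trace in the thread (both got 302).
LOGIN_FLOW = {("AuthController", "check"), ("DashboardController", "show")}

def parse(line):
    """Return (client_ip, controller, action, status), or None if unparseable."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, target, status = m.groups()
    qs = parse_qs(urlsplit(target).query)
    return ip, qs.get("controller", [""])[0], qs.get("action", [""])[0], int(status)

def find_login_loops(lines, min_bounces=3):
    """Map client IP -> longest run of consecutive 302s on login-flow requests.
    A clean login yields at most two in a row (dashboard -> login, then login ->
    dashboard) before a 200, so min_bounces=3 is an assumed threshold. Other
    requests, such as the board's Ajax polling, do not affect the run.
    """
    run, worst = defaultdict(int), defaultdict(int)
    for rec in filter(None, map(parse, lines)):
        ip, controller, action, status = rec
        if (controller, action) not in LOGIN_FLOW:
            continue
        run[ip] = run[ip] + 1 if status == 302 else 0
        worst[ip] = max(worst[ip], run[ip])
    return {ip: n for ip, n in worst.items() if n >= min_bounces}

def _line(ip, method, query, status):
    return (f'{ip} - - [24/May/2019:12:00:06 +0000] "{method} /?{query} HTTP/1.1" '
            f'{status} 0 "-" "constructed-sample"')

AUTH, DASH = "controller=AuthController", "controller=DashboardController&action=show"
SAMPLE_LOG = [  # constructed sample lines, not taken from the thread
    _line("192.0.2.10", "POST", AUTH + "&action=check", 302),
    _line("192.0.2.10", "GET", DASH, 302),
    _line("192.0.2.10", "GET", AUTH + "&action=login", 200),  # login page again
    _line("192.0.2.10", "POST", AUTH + "&action=check", 302),
    _line("192.0.2.10", "GET", DASH, 302),
    _line("198.51.100.7", "POST", AUTH + "&action=check", 302),  # clean login
    _line("198.51.100.7", "GET", DASH, 200),
    _line("198.51.100.7", "GET", "controller=BoardAjaxController&action=check", 304),
]
print(find_login_loops(SAMPLE_LOG))
```

Keying on the client IP is an approximation: several users behind one NAT address share a counter, so a flagged address is a prompt to look at that client's requests, not proof of a loop.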