Honor AuthenticationProperties.RedirectUri in CookieAuthenticationHandler

2016-08-09 11:15:40 -07:00 · 2016-08-09 11:15:40 -07:00 · 6a9f1f9887
parent 2bc207fa8c
commit 6a9f1f9887
1 changed files with 13 additions and 3 deletions
--- a/src/Microsoft.AspNetCore.Authentication.Cookies/CookieAuthenticationHandler.cs
+++ b/src/Microsoft.AspNetCore.Authentication.Cookies/CookieAuthenticationHandler.cs
@ -311,14 +311,24 @@ namespace Microsoft.AspNetCore.Authentication.Cookies
            Response.Headers[HeaderNames.CacheControl] = HeaderValueNoCache;
            Response.Headers[HeaderNames.Pragma] = HeaderValueNoCache;
            Response.Headers[HeaderNames.Expires] = HeaderValueMinusOne;
+
            if (shouldRedirectToReturnUrl && Response.StatusCode == 200)
            {
+                CookieRedirectContext redirectContext = null;
+                
                var query = Request.Query;
                var redirectUri = query[Options.ReturnUrlParameter];
-                if (!StringValues.IsNullOrEmpty(redirectUri)
-                    && IsHostRelative(redirectUri))
+                if (!StringValues.IsNullOrEmpty(redirectUri) && IsHostRelative(redirectUri))
+                {
+                    redirectContext = new CookieRedirectContext(Context, Options, redirectUri, properties);
+                }
+                else if (!string.IsNullOrEmpty(properties.RedirectUri) && IsHostRelative(properties.RedirectUri))
+                {
+                    redirectContext = new CookieRedirectContext(Context, Options, properties.RedirectUri, properties);
+                }
+
+                if (redirectContext != null)
                {
-                    var redirectContext = new CookieRedirectContext(Context, Options, redirectUri, properties);
                    await Options.Events.RedirectToReturnUrl(redirectContext);
                }
            }