I've looked at this for a bit now. It seems there are some slight inconsistencies in how the redirect info is used:
Where the redirect-on-autth? is being set up for the interactive-form workflow it looks to me to be assumed to be a boolean flag. https://github.com/sundbp/friend/blob/master/src/cemerick/friend/workflows.clj#L79 At that point it's given as an argument when setting up the workflow (defaulting to true). Then when it's being used in the generic code it's first picked out - looking like boolean flag still: https://github.com/sundbp/friend/blob/master/src/cemerick/friend.clj#L145 but then all of a sudden assumed to be a string containing the url to redirect to: https://github.com/sundbp/friend/blob/master/src/cemerick/friend.clj#L149 Given that, for the interactive-form workflow, it can only be set at the time of creating the workflow, it seems impossible to actually achieve the flow where friend "remembers" which page under authentication that user tried to access, then do auth, and finally return user to the originally requested page in a dynamic fashion. Since given at workflow creation time it can't dynamically reflect things properly I'd have assumed. I'd have expected it to not be an argument at workflow creation time, but the originally requested url being dynamically kept track of at the point friend realizes it needs to redirect the user to do authentication, then that url being used on L149 up there when the workflow sets redirect-on-auth? to true. Am I misunderstanding the flow or is there a mixup here? The tests only tests for boolean state, not as a string url. On Thursday, October 25, 2012 2:54:49 PM UTC+1, Patrik Sundberg wrote: > > On Thursday, October 25, 2012 1:59:36 PM UTC+1, Chas Emerick wrote: > >> >> On Oct 25, 2012, at 8:04 AM, Patrik Sundberg wrote: >> >> > I've digested openid and using it with google, should have a working >> example to share when I have a time to put it together over weekend. >> > >> > I've got another common useage pattern I'd like to ask about: How do we >> accomplish automatic redirect to the "correct" page? >> > >> > Let's say user accesses /secret, isn't authenticated and gets >> redirected to /login by friend. once authenticated, how do we ensure we get >> redirected back to /secret? >> >> I think that's a bug in the OpenID workflow. Friend will do this >> redirection automatically if the workflow enables it: >> >> >> https://github.com/cemerick/friend/blob/master/src/cemerick/friend/workflows.clj#L79 >> >> >> There are a couple of testcases in the project that verify this; >> unfortunately, the OpenID workflow doesn't yet accept the same >> configuration option as the interactive form workflow. Please file an >> issue, and, if you are so bold, a patch. :-) >> >> > Got it, adding it to my weekend list. Thanks! > > -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en
