diff --git a/ext/authx/authx.php b/ext/authx/authx.php
index 21224dfb9c14..faaec6cef05c 100644
--- a/ext/authx/authx.php
+++ b/ext/authx/authx.php
@@ -22,7 +22,12 @@
 }
 elseif (!empty($params['_authxSes'])) {
 (new \Civi\Authx\Authenticator('auto'))->auth($e, $params['_authx'], TRUE);
- _authx_redact(['_authx', '_authxSes']);
+ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
+ _authx_reload(implode('/', $e->args), $_SERVER['QUERY_STRING']);
+ }
+ else {
+ _authx_redact(['_authx', '_authxSes']);
+ }
 }
 else {
 (new \Civi\Authx\Authenticator('param'))->auth($e, $params['_authx']);
@@ -52,6 +57,23 @@ function _authx_redact(array $keys) {
 }
 }
+/**
+ * Reload the current page-view.
+ *
+ * @param string $route
+ * @param string $queryString
+ */
+function _authx_reload($route, $queryString) {
+ parse_str($queryString, $query);
+ foreach (array_keys($query) as $key) {
+ if (CRM_Utils_String::startsWith($key, '_authx')) {
+ unset($query[$key]);
+ }
+ }
+ $url = CRM_Utils_System::url($route, $query, TRUE, NULL, FALSE, CRM_Core_Config::singleton()->userSystem->isFrontEndPage());
+ CRM_Utils_System::redirect($url);
+}
+
 /**
 * Implements hook_civicrm_config().
 *
diff --git a/ext/authx/tests/phpunit/Civi/Authx/AllFlowsTest.php b/ext/authx/tests/phpunit/Civi/Authx/AllFlowsTest.php
index ae3e6a164f92..eb6eff39b77b 100644
--- a/ext/authx/tests/phpunit/Civi/Authx/AllFlowsTest.php
+++ b/ext/authx/tests/phpunit/Civi/Authx/AllFlowsTest.php
@@ -253,8 +253,9 @@ public function testStatefulAutoAllowed($credType) {
 $request = $this->applyAuth($this->requestMyContact(), $credType, $flowType, $this->getDemoCID());
 \Civi::settings()->set("authx_{$flowType}_cred", [$credType]);
+ $this->assertEquals(0, $cookieJar->count());
 $response = $http->send($request);
- $this->assertHasCookies($response);
+ $this->assertTrue($cookieJar->count() >= 1);
 $this->assertMyContact($this->getDemoCID(), $this->getDemoUID(), $response);
 // FIXME: Assert that re-using cookies yields correct result.
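Review bot: The new GET branch skips `_authx_redact()` and depends on `_authx_reload()` ending the request, but nothing in the branch says so. If `CRM_Utils_System::redirect()` ever returned (its behaviour is not visible in this diff), the page would continue with `_authx` and `_authxSes` still present in the request data. A comment such as `// GET: the credential is in the URL; redirect to the same route without _authx* so it does not linger in the address bar, history or Referer. Does not return.` would record the intent. The redirect cannot undo the first request, so the credential may still be written to web-server or proxy access logs. The enclosing listener starts and ends outside the hunk.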
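Review bot: The docblock for `_authx_reload()` does not say that the function strips credentials or that it redirects, which are the two properties the caller relies on. The loop drops every query key that begins with `_authx`, which is broader than the two keys passed to `_authx_redact()` in the POST path. If that is intentional, state it, for example ` * Redirects to $route with every query parameter whose name starts with "_authx" removed.` I would also describe `$queryString` as the raw query string (the caller passes `$_SERVER['QUERY_STRING']`) and add a line saying the function is expected not to return.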
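Review bot: The updated test only checks that a cookie was set, so it would still pass if the redirect kept `_authx` in the query string. Stripping the credential from the URL is the behaviour this commit adds, so an assertion on the redirect target is missing; it could instead check the final request URI, depending on how `$http` handles redirects, which is set up outside the hunk. As a smaller point, `$this->assertGreaterThanOrEqual(1, $cookieJar->count());` reports the actual count on failure, unlike `assertTrue(... >= 1)`. The test method starts and ends outside the hunk.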