From 1c5bb157c9afad46c31637ae6c0b7454175143c7 Mon Sep 17 00:00:00 2001 From: Luca Boccassi Date: Thu, 30 Dec 2021 00:24:30 +0000 Subject: [PATCH] AC SAML: do not assume the cookie will be on the final page At least with Google's SAML, the cookie appears before the final page. Signed-off-by: Luca Boccassi --- cstp.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/cstp.c b/cstp.c index 81ea1fef..e8fbc4d9 100644 --- a/cstp.c +++ b/cstp.c @@ -1254,10 +1254,6 @@ int cstp_sso_detect_done(struct openconnect_info *vpninfo, { int i; - /* If we're not at the final URI, tell the webview to keep going */ - if (strcmp(result->uri, vpninfo->sso_login_final)) - return -EAGAIN; - for (i=0; result->cookies[i] != NULL; i+=2) { const char *cname = result->cookies[i], *cval = result->cookies[i+1]; if (!strcmp(vpninfo->sso_token_cookie, cname)) { @@ -1270,6 +1266,11 @@ int cstp_sso_detect_done(struct openconnect_info *vpninfo, } } + /* If we're not at the final URI, tell the webview to keep going. + * Note that we might find the cookie at any time, not only on the last page. */ + if (strcmp(result->uri, vpninfo->sso_login_final)) + return -EAGAIN; + /* Tell the webview to terminate */ return 0; } -- 2.50.1