On a site located in a subdirectory (domain.com/thesite) the destination parameter that is set when a non-logged in user attempts to go to the authorize page incorrectly includes the base directory. The url appears as: domain.com/thesite/user/login?destination=/thesite/oauth/authorize?... After signing in the user is redirected to: domain.com/thesite/thesite/oauth/authorize?...

The attached patch fixes it by not using url() and instead just uses drupal_query_string_encode() to handle the query string.

Not sure if this is related, but whatever issue required it could be retested and it could maybe be removed:

<?php
   
// There's some strange bug in the ?destination=... handling
    // This is not exactly beautiful, but it gets the work done
    // TODO: Find out why!
   
if(drupal_substr($_SERVER['REQUEST_URI'], 0, 2)=='//') {
     
header('Location: ' . drupal_substr($_SERVER['REQUEST_URI'], 1), TRUE, 302);
    }
?>

Comments

@tauno could you test the patch at #1184672 and see whether that fixes your issue?

StatusFileSize
new558 bytes

I believe this addresses the concern in this issue and #1184672: Double url encoding on destination=/oauth/authorize? when redirected to log in form, as the oauth_callback parameter needs to be encoded once more to allow it to take the form of its original encoding provided by the calling oauth process. Please see patch.

(Edit: oops wrong issue number referenced)

StatusFileSize
new558 bytes

Slightly updated from above: urlencode the whole destination parameter.

StatusFileSize
new561 bytes

As noted by @glennpratt (offline/IRC) core uses rawurlencode... see updated patch.

Version:6.x-3.0-beta2» 7.x-3.x-dev
StatusFileSize
new637 bytes

I also experienced this issue in the D7 version of the module and was able to fix it with a similar solution found in #1184672: Double url encoding on destination=/oauth/authorize? when redirected to log in form.

Issue summary:View changes
StatusFileSize
new596 bytes

Updated patch so it will properly apply with git.