[Fix-19437] Redirection issue on IDP initiated calls (#19443)

Co-authored-by: Siddhant <86899184+Siddhanttimeline@users.noreply.github.com> Co-authored-by: Sriharsha Chintalapani <harshach@users.noreply.github.com> (cherry picked from commit 5064602dc8228cfd0c60b31f07d6447851f8a226)
2025-11-03 03:59:12 +00:00 · 2025-01-22 11:46:32 +05:30 · 2025-01-22 11:46:32 +05:30 · 8ae94f598b
commit 8ae94f598b
parent c194631488
1 changed files with 12 additions and 7 deletions
--- a/openmetadata-service/src/main/java/org/openmetadata/service/security/saml/SamlAssertionConsumerServlet.java
+++ b/openmetadata-service/src/main/java/org/openmetadata/service/security/saml/SamlAssertionConsumerServlet.java
@ -130,17 +130,22 @@ public class SamlAssertionConsumerServlet extends HttpServlet {
      // Redirect with JWT Token
      String redirectUri = (String) req.getSession().getAttribute(SESSION_REDIRECT_URI);
      String url =
-          redirectUri
-              + "?id_token="
-              + jwtAuthMechanism.getJWTToken()
-              + "&email="
-              + nameId
-              + "&name="
-              + username;
+          String.format(
+              "%s?id_token=%s&email=%s&name=%s",
+              (nullOrEmpty(redirectUri) ? buildBaseRequestUrl(req) : redirectUri),
+              jwtAuthMechanism.getJWTToken(),
+              nameId,
+              username);
      resp.sendRedirect(url);
    }
  }

+  private String buildBaseRequestUrl(HttpServletRequest req) {
+    // In case of IDP initiated one it needs to be built on fly, since the session might not exist
+    return String.format(
+        "%s://%s:%s/saml/callback", req.getScheme(), req.getServerName(), req.getServerPort());
+  }
+
  private JwtResponse getJwtResponseWithRefresh(
      User storedUser, JWTAuthMechanism jwtAuthMechanism) {
    RefreshToken newRefreshToken = TokenUtil.getRefreshToken(storedUser.getId(), UUID.randomUUID());