From 867416b0e6281059d79e100f3019fe2a2f4c2753 Mon Sep 17 00:00:00 2001
From: Joram Wilander <jwawilander@gmail.com>
Date: Tue, 31 Jul 2018 10:29:19 -0400
Subject: Add OAuth2 login hint for SAML (#9194)

---
 api4/oauth.go | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'api4')

diff --git a/api4/oauth.go b/api4/oauth.go
index ab4b1bfcf..d747e3422 100644
--- a/api4/oauth.go
+++ b/api4/oauth.go
@@ -332,6 +332,8 @@ func authorizeOAuthPage(c *Context, w http.ResponseWriter, r *http.Request) {
 		State:        r.URL.Query().Get("state"),
 	}
 
+	loginHint := r.URL.Query().Get("login_hint")
+
 	if err := authRequest.IsValid(); err != nil {
 		utils.RenderWebAppError(c.App.Config(), w, r, err, c.App.AsymmetricSigningKey())
 		return
@@ -345,7 +347,11 @@ func authorizeOAuthPage(c *Context, w http.ResponseWriter, r *http.Request) {
 
 	// here we should check if the user is logged in
 	if len(c.Session.UserId) == 0 {
-		http.Redirect(w, r, c.GetSiteURLHeader()+"/login?redirect_to="+url.QueryEscape(r.RequestURI), http.StatusFound)
+		if loginHint == model.USER_AUTH_SERVICE_SAML {
+			http.Redirect(w, r, c.GetSiteURLHeader()+"/login/sso/saml?redirect_to="+url.QueryEscape(r.RequestURI), http.StatusFound)
+		} else {
+			http.Redirect(w, r, c.GetSiteURLHeader()+"/login?redirect_to="+url.QueryEscape(r.RequestURI), http.StatusFound)
+		}
 		return
 	}
 
-- 
cgit v1.2.3-1-g7c22