tordans created an issue (openstreetmap/openstreetmap-website#6130)
### URL
_No response_
### How to reproduce the issue?
I am having trouble with our registration workflow. It used to redirect users
back to our application. Now it returns them to the osm.org map.
(Logging into an existing account using the OAuth flow works, just the
registration is broken.)
1. Open https://staging.tilda-geo.de/regionen/berlin, klick "Anmelden" on the
top right
The URL will be (decoded) has the right `redirect_uri`
```url
https://master.apis.dev.openstreetmap.org/login
?referer=/oauth2/authorize
?client_id=uglV_cJniuc96GQT0-rO6sXsgJPZfat8PLCfv91qRC4
&scope=openid%20read_prefs%20write_prefs%20write_notes
&response_type=code
&redirect_uri=https%3A%2F%2Fstaging.tilda-geo.de%2Fapi%2Fauth%2Fosm%2Fcallback
&nextauth=osm%2Clogin
&state=7aAEVSZmtmifFGXnQsbdS8lZgFxeFvGd5JvFKfx-r2s
&code_challenge=fsijUEaNJ4UFBdXM4yuBK0PhiosI6H5LFsuvhZBdR14
&code_challenge_method=S256
```
(Observation: The second `?` seems wrong)
2. Switch to registration, the URL (decoded) still has the right `redirect_uri`
```url
https://master.apis.dev.openstreetmap.org/user/new
?referer=/oauth2/authorize
?client_id=uglV_cJniuc96GQT0-rO6sXsgJPZfat8PLCfv91qRC4
&scope=openid%20read_prefs%20write_prefs%20write_notes
&response_type=code
&redirect_uri=https%3A%2F%2Fstaging.tilda-geo.de%2Fapi%2Fauth%2Fosm%2Fcallback
&nextauth=osm%2Clogin
&state=7aAEVSZmtmifFGXnQsbdS8lZgFxeFvGd5JvFKfx-r2s
&code_challenge=fsijUEaNJ4UFBdXM4yuBK0PhiosI6H5LFsuvhZBdR14
&code_challenge_method=S256
```
Which is also present in the HTML
`<input type="hidden" name="referer" id="referer"
value="/oauth2/authorize?client_id=uglV_cJniuc96GQT0-rO6sXsgJPZfat8PLCfv91qRC4&scope=openid%20read_prefs%20write_prefs%20write_notes&response_type=code&redirect_uri=https%3A%2F%2Fstaging.tilda-geo.de%2Fapi%2Fauth%2Fosm%2Fcallback&nextauth=osm%2Clogin&state=7aAEVSZmtmifFGXnQsbdS8lZgFxeFvGd5JvFKfx-r2s&code_challenge=fsijUEaNJ4UFBdXM4yuBK0PhiosI6H5LFsuvhZBdR14&code_challenge_method=S256"
autocomplete="off">`
Which is also submitted when I submit the form.
3. I then get an e-mail with this URL, which also look OK because it includes
the `redirect_uri` param
(Note to self: When testing this, not all emails had this referrer; I am
not aware of a issue in my test cases so maybe there is something else going
on…)
```url
https://master.apis.dev.openstreetmap.org/user/test4tobias/confirm
?confirm_string=eyJfcmFpbHMiOnsiZGF0YSI6WzIyMzQ1LCI1ZjlkNTgwNDU4NThmYTE4ZTE0MDRhNGM1OTczZWYxYTQ0NDM4NWU5ZTg5ZWIwNTMzMDJjNjBlYjQyNWIzNjY1Il0sImV4cCI6IjIwMjUtMDctMDFUMTU6MjA6NTYuNjI2WiIsInB1ciI6IlVzZXJcbm5ld191c2VyXG42MDQ4MDAifX0%3D--08aa4f4e33a3028efd12169d36b719d6097868be
referer=%2Fwelcome%3Foauth_return_url%3D%252Foauth2%252Fauthorize%253Fclient_id%253DuglV_cJniuc96GQT0-rO6sXsgJPZfat8PLCfv91qRC4%2526scope%253Dopenid%252520read_prefs%252520write_prefs%252520write_notes%2526response_type%253Dcode%2526redirect_uri%253Dhttps%25253A%25252F%25252Fstaging.tilda-geo.de%25252Fapi%25252Fauth%25252Fosm%25252Fcallback%2526nextauth%253Dosm%25252Clogin%2526state%253DXERbLiSBIbCdHZWJQlI0wCP48XahJhi6bHeh4dnof3A%2526code_challenge%253D5zjEUEM5ZhYNrXdclX8kVXfEyWvuWei2-ZJPt5svYj4%2526code_challenge_method%253DS256
```
4. ISSUE: When I open that link, I get the regular welcome page with the "Start
mapping", not the OAuth welcome page:
> <img width="948" alt="Image"
src="https://github.com/user-attachments/assets/56508876-df3b-4d28-9913-af6ccc710235"
/>
- This is where the right Button should be picked
https://github.com/openstreetmap/openstreetmap-website/blob/master/app/views/site/welcome.html.erb#L81-L85
- This is where the param that is used to pick the right button is set
https://github.com/openstreetmap/openstreetmap-website/blob/master/app/controllers/users_controller.rb#L209
- There where some updates to this a year ago …
https://github.com/openstreetmap/openstreetmap-website/commit/74cc88fce4982777d5f78e016940159de655c817
### Screenshot(s) or anything else?
_No response_
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/6130
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/issues/6...@github.com>
_______________________________________________
rails-dev mailing list
rails-dev@openstreetmap.org
https://lists.openstreetmap.org/listinfo/rails-dev