From bb1d191f82bffc9bbb9243f8fce46f1b62a8f780 Mon Sep 17 00:00:00 2001
From: Christoph Wurst <christoph@winzerhof-wurst.at>
Date: Tue, 25 Apr 2017 09:38:19 +0200
Subject: [PATCH] Fix remember redirect_url on failed login attempts

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
---
 core/Controller/LoginController.php           |  3 +++
 tests/Core/Controller/LoginControllerTest.php | 10 ++++++----
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index 9f8b2b75fd0..691d74cdc60 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -240,6 +240,9 @@ class LoginController extends Controller {
 		if ($loginResult === false) {
 			// Read current user and append if possible - we need to return the unmodified user otherwise we will leak the login name
 			$args = !is_null($user) ? ['user' => $originalUser] : [];
+			if (!is_null($redirect_url)) {
+				$args['redirect_url'] = $redirect_url;
+			}
 			$response = new RedirectResponse($this->urlGenerator->linkToRoute('core.login.showLoginForm', $args));
 			$response->throttle();
 			$this->session->set('loginMessages', [
diff --git a/tests/Core/Controller/LoginControllerTest.php b/tests/Core/Controller/LoginControllerTest.php
index c9ab8e7476d..ca32a04efe1 100644
--- a/tests/Core/Controller/LoginControllerTest.php
+++ b/tests/Core/Controller/LoginControllerTest.php
@@ -23,7 +23,6 @@ namespace Tests\Core\Controller;
 
 use OC\Authentication\TwoFactorAuth\Manager;
 use OC\Core\Controller\LoginController;
-use OC\Security\Bruteforce\Throttler;
 use OC\User\Session;
 use OCP\AppFramework\Http\RedirectResponse;
 use OCP\AppFramework\Http\TemplateResponse;
@@ -281,7 +280,7 @@ class LoginControllerTest extends TestCase {
 	public function testLoginWithInvalidCredentials() {
 		$user = 'MyUserName';
 		$password = 'secret';
-		$loginPageUrl = 'some url';
+		$loginPageUrl = '/login?redirect_url=/apps/files';
 
 		$this->request
 			->expects($this->once())
@@ -292,7 +291,10 @@ class LoginControllerTest extends TestCase {
 			->will($this->returnValue(false));
 		$this->urlGenerator->expects($this->once())
 			->method('linkToRoute')
-			->with('core.login.showLoginForm')
+			->with('core.login.showLoginForm', [
+				'user' => 'MyUserName',
+				'redirect_url' => '/apps/files',
+			])
 			->will($this->returnValue($loginPageUrl));
 
 		$this->userSession->expects($this->never())
@@ -304,7 +306,7 @@ class LoginControllerTest extends TestCase {
 
 		$expected = new \OCP\AppFramework\Http\RedirectResponse($loginPageUrl);
 		$expected->throttle();
-		$this->assertEquals($expected, $this->loginController->tryLogin($user, $password, ''));
+		$this->assertEquals($expected, $this->loginController->tryLogin($user, $password, '/apps/files'));
 	}
 
 	public function testLoginWithValidCredentials() {