Describe the bug
When an omniauth strategy, after a failure, redirects to any action in OmniauthRegistrationsController CurrentOrganization middleware is bypassed and the NeedsOrganization module prevents access to the redirected OmniauthRegistrationsController#**** action.
To Reproduce
Steps to reproduce the behavior:
- Have a strategy configured
- Make it fail (for example, in an OAuth2 strategy, call the callback url without the 'state' param and a csrf_detected error will be raised)
- You are redirected to system login because the
before_action :verify_organization redirects there.
Expected behavior
If some failure happens or the authentication process is somehow aborted by the user I expect to be redirected to the same organization's views.
If CurrentOrganization is executed before Warden, redirects work great.
Describe the bug
When an omniauth strategy, after a failure, redirects to any action in
OmniauthRegistrationsControllerCurrentOrganizationmiddleware is bypassed and theNeedsOrganizationmodule prevents access to the redirectedOmniauthRegistrationsController#****action.To Reproduce
Steps to reproduce the behavior:
before_action :verify_organizationredirects there.Expected behavior
If some failure happens or the authentication process is somehow aborted by the user I expect to be redirected to the same organization's views.
If
CurrentOrganizationis executed before Warden, redirects work great.