From dbfc08afd176f2f61eca0006d4499fc5835a56cb Mon Sep 17 00:00:00 2001
From: srosse <stephane.rosse@frentix.com>
Date: Wed, 24 Feb 2021 07:50:16 +0100
Subject: [PATCH] OO-5309: prevent double redirect to the login provider

---
 .../login/oauth/ui/OAuthAuthenticationController.java  | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/main/java/org/olat/login/oauth/ui/OAuthAuthenticationController.java b/src/main/java/org/olat/login/oauth/ui/OAuthAuthenticationController.java
index a4bb0027101..de7c43c2a94 100644
--- a/src/main/java/org/olat/login/oauth/ui/OAuthAuthenticationController.java
+++ b/src/main/java/org/olat/login/oauth/ui/OAuthAuthenticationController.java
@@ -31,6 +31,7 @@ import org.olat.core.gui.components.form.flexible.impl.FormBasicController;
 import org.olat.core.gui.components.form.flexible.impl.FormEvent;
 import org.olat.core.gui.components.link.Link;
 import org.olat.core.gui.control.Controller;
+import org.olat.core.gui.control.DispatchResult;
 import org.olat.core.gui.control.WindowControl;
 import org.olat.core.gui.control.generic.dtabs.Activateable2;
 import org.olat.core.gui.media.MediaResource;
@@ -115,8 +116,11 @@ public class OAuthAuthenticationController extends FormBasicController implement
 	}
 	
 	private void redirect(UserRequest ureq, OAuthSPI provider) {
-		HttpSession session = ureq.getHttpReq().getSession();
-		MediaResource redirectResource = new OAuthResource(provider, session);
-		ureq.getDispatchResult().setResultingMediaResource(redirectResource);
+		DispatchResult result = ureq.getDispatchResult();
+		if(result.getResultingMediaResource() == null) {// prevent twice the redirect
+			HttpSession session = ureq.getHttpReq().getSession();
+			MediaResource redirectResource = new OAuthResource(provider, session);
+			result.setResultingMediaResource(redirectResource);
+		}
 	}
 }
\ No newline at end of file
-- 
GitLab