Infos:
- Used Zammad version: 5.2.3
- Used Zammad installation type: package
- Operating system: CentOS 7.9
- Browser + version: Google Chrome Version 106.0.5249.119
Expected behavior:
- When the user is logged out and the client requests the oauth workflow via the /oauth/authorize url he should be presented with a login screen, after successfull login he should be redirected to the original redirect_uri.
Actual behavior:
- When the user is logged out and the OAuth workflow is beeing requested with the following url:
https://ZammadHost/oauth/authorize?client_id=#clientid#&client_secret=#clientsecret#redirect_uri=#redirectUri#&response_type=code’
the user gets redirected to https://ZammadHost/#login when the user logs in now he is redirected to the dashboard instead of the given redirect_uri. This breaks the behaviour of the OAuth Flow.
Steps to reproduce the behavior:
- Clean Zammad Installation
Additional Information
Am i doing something wrong here i remember someone in this forum mentioned it is “by design”? when i use other provider like facebook to access certain pages the workflow is as follows:
- i click on “Login with Facebook”
- a popup opens where i can login with my credentials
- a consent screen is beeing displayed
- i accept and then i get redirected to the original url from where i started the oauth workflow
If there are any additional information you need don´t hesitate to reply 