Handle "returnUrl" in the OpenId actions (#7558)

src/Orchard.Web/Modules/Orchard.OpenId/Controllers/AccountController.cs

@@ -18,6 +18,7 @@ using Orchard.Users.Events;
 namespace Orchard.OpenId.Controllers
 {
     [Themed]
+    [AlwaysAccessible]
     [OrchardFeature("Orchard.OpenId")]
     public class AccountController : Controller {
         private readonly IEnumerable<IOpenIdProvider> _openIdProviders;
@@ -47,16 +48,17 @@ namespace Orchard.OpenId.Controllers
         public Localizer T { get; set; }
 
         [HttpGet]
-        public ActionResult LogOn() {
+        public ActionResult LogOn(string returnUrl) {
             if (Request.IsAuthenticated) {
-                return Redirect(Url.Content("~/"));
+                return Redirect("~/");
             }
 
+            ViewData["ReturnUrl"] = returnUrl;
+
             return View(_openIdProviders);
         }
 
         [HttpPost]
-        [AlwaysAccessible]
         [ValidateInput(false)]
         [SuppressMessage("Microsoft.Design", "CA1054:UriParametersShouldNotBeStrings", Justification = "Needs to take same parameter type as Controller.Redirect()")]
         public ActionResult LogOn(string userNameOrEmail, string password, string returnUrl, bool rememberMe = false) {
@@ -81,23 +83,27 @@ namespace Orchard.OpenId.Controllers
             return this.RedirectLocal(returnUrl);
         }
 
-        public void Challenge(string openIdProvider) {
+        [SuppressMessage("Microsoft.Design", "CA1054:UriParametersShouldNotBeStrings", Justification = "Needs to take same parameter type as Controller.Redirect()")]
+        public void Challenge(string openIdProvider, string returnUrl) {
             _userEventHandler.LoggingIn(openIdProvider, String.Empty);
 
             if (String.IsNullOrWhiteSpace(openIdProvider))
                 openIdProvider = OpenIdConnectAuthenticationDefaults.AuthenticationType;
 
             if (Request.IsAuthenticated) {
-                Redirect(Url.Content("~/"));
+                this.RedirectLocal(returnUrl);
                 return;
             }
+            else {
+                TempData["ReturnUrl"] = returnUrl;
+            }
 
             var redirectUri = Url.Content(String.Concat(Constants.General.LogonCallbackUrl));
 
             HttpContext.GetOwinContext().Authentication.Challenge(new AuthenticationProperties { RedirectUri = redirectUri }, openIdProvider);
         }
 
-        public RedirectResult LogOff(string openIdProvider) {
+        public ActionResult LogOff(string openIdProvider) {
             if (String.IsNullOrWhiteSpace(openIdProvider))
                 openIdProvider = OpenIdConnectAuthenticationDefaults.AuthenticationType;
 
@@ -109,14 +115,17 @@ namespace Orchard.OpenId.Controllers
                 _userEventHandler.LoggedOut(loggedUser);
             }
 
-            return Redirect(Url.Content("~/"));
+            return Redirect("~/");
         }
 
-        public RedirectResult LogonCallback() {
+        public ActionResult LogonCallback() {
             var user = _authenticationService.GetAuthenticatedUser();
             _userEventHandler.LoggedIn(user);
 
-            return Redirect(Url.Content("~/"));
+            if (TempData.ContainsKey("ReturnUrl"))
+                return this.RedirectLocal((String)TempData["ReturnUrl"]);
+            else
+                return Redirect("~/");
         }
 
         public ActionResult AccessDenied() {
@@ -124,7 +133,7 @@ namespace Orchard.OpenId.Controllers
             var currentUser = _authenticationService.GetAuthenticatedUser();
 
             if (currentUser == null) {
-                return RedirectToAction("Logon");
+                return RedirectToAction("Logon", new { returnUrl = returnUrl });
             }
 
             _userEventHandler.AccessDenied(currentUser);

src/Orchard.Web/Modules/Orchard.OpenId/Models/AzureActiveDirectorySettingsPart.cs

@@ -71,6 +71,12 @@ namespace Orchard.OpenId.Models {
             set { this.Store(x => x.AppKey, value); }
         }
 
+        public string GraphApiKey
+        {
+            get { return this.Retrieve(x => x.GraphApiKey); }
+            set { this.Store(x => x.GraphApiKey, value); }
+        }
+
         public bool IsValid {
             get {
                 if (String.IsNullOrWhiteSpace(Tenant) ||

src/Orchard.Web/Modules/Orchard.OpenId/OwinMiddlewares/AzureActiveDirectory.cs

@@ -60,6 +60,7 @@ namespace Orchard.OpenId.OwinMiddlewares {
             _azureTenant = settings.Tenant;
             _azureAdInstance = settings.ADInstance;
             _azureGraphApiUri = settings.GraphApiUrl;
+            _azureGraphApiKey = settings.GraphApiKey;
             logoutRedirectUri = settings.LogoutRedirectUri;
             azureWebSiteProtectionEnabled = settings.AzureWebSiteProtectionEnabled;
             azureAppKey = settings.AppKey;

src/Orchard.Web/Modules/Orchard.OpenId/Views/Account/Logon.cshtml

@@ -32,7 +32,7 @@
 
 @foreach (var provider in Model) {
     if (provider.IsValid) {
-        <a class="button @provider.Name.HtmlClassify()" href="@Url.Action("Challenge", "Account", new { Area = "Orchard.OpenId", openIdProvider = provider.AuthenticationType })">
+        <a class="button @provider.Name.HtmlClassify()" href="@Url.Action("Challenge", "Account", new { Area = "Orchard.OpenId", openIdProvider = provider.AuthenticationType, returnUrl = ViewData["ReturnUrl"] })">
             @provider.DisplayName
         </a>
     }

src/Orchard.Web/Modules/Orchard.OpenId/Views/EditorTemplates/Parts.AzureActiveDirectorySettings.cshtml

@@ -59,5 +59,8 @@
     @Html.LabelFor(m => m.GraphApiUrl, T("Graph API URL"))
     @Html.TextBoxFor(m => m.GraphApiUrl, new { @class = "text large" })
     <span class="hint">@T("Typically https://graph.windows.net")</span>
+
+    @Html.LabelFor(m => m.GraphApiKey, T("Graph API Key"))
+    @Html.TextBoxFor(m => m.GraphApiKey, new { @class = "text large" })
 </fieldset>
 <hr />