In both cases I land on the course home page, with a warning message “To see course content, sign in or register.”
The documentation still has an example (although with legacy URLs) for this functionality, so I assume it was meant to work at some point. Is the functionality deprecated and the documentation is simply outdated? Was it never meant to work in the Learning MFE or will this be added in the future? Would a patch to fix/add this be welcome upstream? (I am not sure I could volunteer myself as I am not good with React but I am generally curious).
This works when the user is not logged in. Then the user gets transparently redirected to the SSO provider and gets redirected back to the course. If the user is already logged in though, this approach redirects the user to the /learner-dashboard/ URL for whatever reason. In practice, this isn’t very useful either.
I had a look into some MFE codes (account, learning, learner dashboard) and can’t find any hint about the tpa_hint parameter. So… guess the question is, if that’s something that’s just missing right now or something that’s deprecated?
//Edit: Just after writing this, I discovered that this works as a workaround:
Thanks for the info, much appreciated! I tried the links you suggested but I still land on the dashboard every time.
But in any case, as you said, this is not a real solution as it works only when the user is not logged in, meaning that we cannot create reliable links anyway.
For me, the last setup (in the edit) works reliably. Be aware it’s not any MFE link, it’s the original LMS URL.
So basically we’re redirecting the user to the legacy LMS login URL, with a TPA hint + a redirect URL (which in turn can easily be an MFE). That works fine in our setup, no matter if the user is logged in or not.
Interesting, I wonder if there are some differences with SAML vs OAuth2 then. From your examples I see that you are using OAuth while we are using SAML. I get logged in with any of these examples but only land on the dashboard.
This is a bit scary in general as well, how long can we count on a workaround that relies on any legacy URLs? I wonder if this still works for you in Redwood; I’ve tested with SAML in Palm and Quince and it’s not working.
That’s certainly possible. We’ve migrated from SAML to OAuth2, but I have not tested this setup before the migration. There is one setting that we needed to adjust (it’s a tutor plugin in our case):
Maybe this configuration is missing for you? In your case obviously saml-xyz.
Honestly this is what I am scared about as well. We’re running Quince right now, and we’ll need to thoroughly test this in Redwood before updating. This functionality is quite important for us. Still hoping for some feedback on the GitHub issue you raised.
That is missing indeed, I’ll give that a try, thanks!
However, do you also happen to know how this would work if we need to have more than one SAML IdP configured for one site?