summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--changelog.d/7552.bugfix1
-rw-r--r--synapse/rest/client/v2_alpha/auth.py5
2 files changed, 5 insertions, 1 deletions
diff --git a/changelog.d/7552.bugfix b/changelog.d/7552.bugfix
new file mode 100644

index 0000000000..60b31d6d31
--- /dev/null
+++ b/changelog.d/7552.bugfix
@@ -0,0 +1 @@
+Fix "Missing RelayState parameter" error when using user interactive authentication with SAML for some SAML providers.
diff --git a/synapse/rest/client/v2_alpha/auth.py b/synapse/rest/client/v2_alpha/auth.py

index 7bca1326d5..75590ebaeb 100644
--- a/synapse/rest/client/v2_alpha/auth.py
+++ b/synapse/rest/client/v2_alpha/auth.py
@@ -177,7 +177,10 @@ class AuthRestServlet(RestServlet):
                 )
 
             elif self._saml_enabled:
-                client_redirect_url = b""
+                # Some SAML identity providers (e.g. Google) require a
+                # RelayState parameter on requests. It is not necessary here, so
+                # pass in a dummy redirect URL (which will never get used).
+                client_redirect_url = b"unused"
                 sso_redirect_url = self._saml_handler.handle_redirect_request(
                     client_redirect_url, session
                 )
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-04-25 10:18:01 +0000