SWA auth emulator does not handle post_login_redirect_uri=.referrer #542

@thsackos

Are you accessing the CLI from the default port :4280 ?

  • No, I am using a different port number (--port) and accessing the CLI from that port
  • Yes, I am accessing the CLI from port :4280

Describe the bug
According to documentation, the staticwebapp.config.json supports a .referrer redirect for the auth routes. The .referrer should be replaced by the route the user was attempting to access before the auth redirect.

However, the SWA emulator (and auth emulator page?) treat the redirect path as a plain string. It is not substituted by the expected path.

To Reproduce

  1. Create a static web app. Restrict access using routes in staticwebapp.config.json. Users must be authenticated to access any page.
    • { "route": "/*", "allowedRoles": ["authenticated"] }
  2. Provide an auth redirect for any unauthorized response using responseOverrides in staticwebapp.config.json.
    • "responseOverrides":{"401":{"statusCode":302,"redirect":"/.auth/login/aad?post_login_redirect_uri=.referrer"}}
  3. User loads GET http://localhost:4280/my-application-path?data=x
  4. User is not authenticated and does not meet required allowedRoles.
  5. User is redirected to auth emulator page at http://localhost:4280/.auth/login/aad?post_login_redirect_uri=.referrer $^{10}$
  6. User clicks "Login" in the emulator.
  7. Page is stuck in infinite loading loop. Page does not leave login emulator. SWA is attempting to use the .referrer as a valid application path, instead of replacing it with the actual path. $^{11}$

Expected behavior
10. Emulator should redirect user to authenticate at route http://localhost:4280/.auth/login/aad?post_login_redirect_uri=my-application-path%3Fdata%3Dx instead.
11. After clicking "Login" the emulator redirects the user to GET http://localhost:4280/my-application-path?data=x.

Relevant Logs:

[swa] ------------------- processing route -------------------
[swa] --------------------------------------------------------
[swa] processing /.auth/login/.referrer
...
[swa] - matchingRouteRule:
[swa]   - route: /*
[swa]  - allowedRoles:
[swa]    - 0: authenticated
[swa] checking auth request
[swa]  - auth request detected
[swa] processing auth request
[swa]  - auth returned 404
[swa] checking response overrides for status code 404
[swa]  - no rules found.
[swa] GET http://localhost:4280/404.html - 404
[swa] GET http://localhost:4280/404.html - 404

Desktop (please complete the following information):

  • OS: Windows
  • Version 11
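
The substitution this issue expects, as an added example (not code from the SWA CLI or from the issue author; all function names are hypothetical). It assumes the return target is kept as a path with its leading slash and limited to the emulator's own origin, with a fallback to `/`:

```javascript
// Added example: not SWA CLI code. All function names here are hypothetical.
const REFERRER_TOKEN = ".referrer";

// Reduce a URL or path to "path?query" on `origin`; anything else becomes "/".
function safeReturnPath(candidate, origin) {
  let url;
  try {
    url = new URL(candidate, origin); // resolves relative and "//host" forms
  } catch {
    return "/";
  }
  if (url.origin !== origin) return "/"; // off-site target: do not follow
  if (url.pathname.startsWith("//")) return "/"; // would re-parse as a host
  // Assumption: never return into the auth routes themselves.
  if (url.pathname.startsWith("/.auth/")) return "/";
  return url.pathname + url.search;
}

// Step 5: rewrite the responseOverrides redirect for the current request.
function resolveOverrideRedirect(redirect, requestUrl, origin) {
  const target = new URL(redirect, origin);
  if (target.searchParams.get("post_login_redirect_uri") !== REFERRER_TOKEN) {
    return redirect; // nothing to substitute
  }
  target.searchParams.set(
    "post_login_redirect_uri",
    safeReturnPath(requestUrl, origin)
  );
  return target.pathname + target.search;
}

// Step 7: where the login page sends the user after "Login" is clicked.
function postLoginLocation(loginUrl, origin) {
  const value = new URL(loginUrl, origin).searchParams.get(
    "post_login_redirect_uri"
  );
  // A literal ".referrer" that was never substituted falls back to "/".
  if (!value || value === REFERRER_TOKEN) return "/";
  return safeReturnPath(value, origin);
}

// Constructed sample values taken from the reproduction steps above.
const ORIGIN = "http://localhost:4280";
const loginUrl = resolveOverrideRedirect(
  "/.auth/login/aad?post_login_redirect_uri=.referrer",
  ORIGIN + "/my-application-path?data=x",
  ORIGIN
);
console.log(loginUrl, "->", postLoginLocation(loginUrl, ORIGIN));
```

`postLoginLocation` also accepts the value without a leading slash, as written in the expected behavior above, and resolves it against the site root.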
