From 1abff7050e307755b6c28d26fa5136669a5e57fa Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@owncloud.com>
Date: Thu, 30 Jun 2016 00:31:11 +0200
Subject: [PATCH] Add workaround for stable9 non-stable entry URL

---
 appinfo/app.php | 12 +++++-------
 js/preauth.js   |  4 ++++
 2 files changed, 9 insertions(+), 7 deletions(-)
 create mode 100644 js/preauth.js

diff --git a/appinfo/app.php b/appinfo/app.php
index 9265c33..2768594 100644
--- a/appinfo/app.php
+++ b/appinfo/app.php
@@ -50,19 +50,17 @@ try {
 	return;
 }
 
-// Redirect all requests to the login page to the SAML login
 // Since with Nextcloud 9 we don't have an unique entry point this is a little
-// bit hacky and won't necessarily detect all situations.
-$currentUrl = substr(explode('?',$request->getRequestUri(), 2)[0], strlen(\OC::$WEBROOT));
-if(($currentUrl === '/index.php') && !OC_User::isLoggedIn()) {
-	$csrfToken = \OC::$server->getCsrfTokenManager()->getToken();
-	header('Location: '.$urlGenerator->linkToRouteAbsolute('user_saml.SAML.login') .'?requesttoken='. urlencode($csrfToken->getEncryptedValue()));
-	exit();
+// bit hacky and won't necessarily detect all situations. So we inject some magic
+// Javascript that does the work for us.
+if(!OC_User::isLoggedIn()) {
+	\OCP\Util::addHeader('script', ['src' => $urlGenerator->linkTo('user_saml', 'js/preauth.js')], '');
 }
 
 // If a request to OCS or remote.php is sent by the official desktop clients it can
 // be intercepted as it supports SAML. All other clients don't yet and thus we
 // require the usage of application specific passwords there.
+$currentUrl = substr(explode('?',$request->getRequestUri(), 2)[0], strlen(\OC::$WEBROOT));
 if(substr($currentUrl, 0, 12) === '/remote.php/' || substr($currentUrl, 0, 5) === '/ocs/') {
 	if(!OC_User::isLoggedIn() && $request->isUserAgent([\OC\AppFramework\Http\Request::USER_AGENT_OWNCLOUD_DESKTOP])) {
 		$csrfToken = \OC::$server->getCsrfTokenManager()->getToken();
diff --git a/js/preauth.js b/js/preauth.js
new file mode 100644
index 0000000..21f4bc2
--- /dev/null
+++ b/js/preauth.js
@@ -0,0 +1,4 @@
+if(typeof OC.Login !== "undefined") {
+	// Redirect to login page
+	window.location = OC.generateUrl('/apps/user_saml/saml/login')+'?requesttoken='+encodeURIComponent(OC.requestToken);
+}