fix: Fix redirection logic to always route users to the authn MFE#117
fix: Fix redirection logic to always route users to the authn MFE#117subhashree-sahu31 wants to merge 7 commits intorelease-ulmofrom
Conversation
subhashree-sahu31
commented
Feb 11, 2026
subhashree-sahu31
commented
- Removed conditional checks for enterprise customers, third-party auth hints, and SAML providers.
- Simplified the redirection logic to ensure all users are redirected to the authentication microfrontend (authn MFE) when the toggle is enabled.
- Addressed issues causing incorrect redirection behavior in certain scenarios.
- Removed conditional checks for enterprise customers, third-party auth hints, and SAML providers. - Simplified the redirection logic to ensure all users are redirected to the authentication microfrontend (authn MFE) when the toggle is enabled. - Addressed issues causing incorrect redirection behavior in certain scenarios.
There was a problem hiding this comment.
Pull request overview
This PR simplifies the redirection logic for the authentication microfrontend (authn MFE) by removing conditional checks that were preventing certain users from being redirected when the authn MFE toggle is enabled. The change ensures that all users are consistently routed through the authn MFE when the feature is activated.
Changes:
- Removed conditional checks for enterprise customers, third-party auth hints, and SAML providers from the authn MFE redirection logic
- Simplified the redirection condition to only check if the authn MFE feature toggle is enabled
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| if should_redirect_to_authn_microfrontend(): | ||
| # This is to handle a case where a logged-in cookie is not present but the user is authenticated. |
There was a problem hiding this comment.
This change alters redirect behavior for enterprise customers, tpa_hint flows, and SAML-running pipelines when ENABLE_AUTHN_MICROFRONTEND is enabled. There are existing logistration redirect tests, but none that assert the new behavior for these scenarios; please add/update tests to cover (at least) enterprise_customer present, next containing tpa_hint, and an active SAML pipeline so future changes don’t reintroduce the previous conditional behavior.
| enterprise_customer = enterprise_customer_for_request(request) | ||
|
|
||
| if should_redirect_to_authn_microfrontend() and \ | ||
| not enterprise_customer and \ | ||
| not tpa_hint_provider and \ | ||
| not saml_provider: | ||
|
|
||
| if should_redirect_to_authn_microfrontend(): | ||
| # This is to handle a case where a logged-in cookie is not present but the user is authenticated. |
There was a problem hiding this comment.
With the redirect condition simplified to should_redirect_to_authn_microfrontend() only, the earlier saml_provider/running_pipeline check is now dead code and the comment block describing enterprise/TPA/SAML conditions is out of date. Consider removing the unused SAML detection block and moving the enterprise_customer_for_request() call below the redirect branch so we don’t do extra work (and potential DB calls) on requests that immediately redirect to the authn MFE.
|
The PR is failing due to missing pkg_resources, which is part of setuptools. I will update the workflow to ensure setuptools is installed before running the dependency check and re-test. |
3 participants
