From aa738a23c3ba179d4d1871ec7f83bfdfbfaa67fc Mon Sep 17 00:00:00 2001
From: stauffec <facetboy@gmail.com>
Date: Mon, 25 May 2015 08:24:49 -0400
Subject: [PATCH] Add additional redirect check for google login

It looks like when logging into google, the recommended procedure for following the user to the "next" url is put that next parameter encoded in a "state" parameter that is passed to Google. Google then passes it back to you.
---
 flask_stormpath/views.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/flask_stormpath/views.py b/flask_stormpath/views.py
index 61b1a0c..d03d575 100644
--- a/flask_stormpath/views.py
+++ b/flask_stormpath/views.py
@@ -23,6 +23,8 @@
 )
 from .models import User
 
+# Add libraries to support url parsing from google redirect
+import urllib,urlparse
 
 def register():
     """
@@ -396,6 +398,12 @@ def google_login():
     # Google user will be treated exactly like a normal Stormpath user!
     login_user(account, remember=True)
 
+    # First check if redirect from google included a state parameter that contained the next url
+    if 'state' in request.args:
+        params = urlparse.parse_qs(urllib.unquote(request.args.get('state')))
+        if 'next' in params and len(params['next']) == 1:
+            return redirect(params['next'][0])
+
     return redirect(request.args.get('next') or current_app.config['STORMPATH_REDIRECT_URL'])