From f176c0f37996beeebede8992fcecffa02cf7b845 Mon Sep 17 00:00:00 2001
From: Ryan Berger
Date: Fri, 6 Sep 2024 14:40:04 -0400
Subject: [PATCH 1/3] Clear saved entry path so that subsequent logins will use default base URL
---
 src/components/AuthnLogin/AuthnLogin.js | 2 +-
 src/loginServices.js | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/components/AuthnLogin/AuthnLogin.js b/src/components/AuthnLogin/AuthnLogin.js
index 2d9c92cfd..1519c59c2 100644
--- a/src/components/AuthnLogin/AuthnLogin.js
+++ b/src/components/AuthnLogin/AuthnLogin.js
@@ -36,7 +36,7 @@ const AuthnLogin = ({ stripes }) => {
 * @see OIDCRedirect
 */
 if (okapi.authnUrl && window.location.pathname !== '/') {
- setUnauthorizedPathToSession(window.location.pathname + window.location.search);
+ setUnauthorizedPathToSession();
 }
 // If only 1 tenant is defined in config (in either okapi or config.tenantOptions) set to okapi to be accessed there
diff --git a/src/loginServices.js b/src/loginServices.js
index d30576c46..2affc81aa 100644
--- a/src/loginServices.js
+++ b/src/loginServices.js
@@ -125,7 +125,7 @@ export const removeUnauthorizedPathFromSession = () => sessionStorage.removeItem
 export const setUnauthorizedPathToSession = (pathname) => {
 const path = pathname ?? `${window.location.pathname}${window.location.search}`;
 if (!path.startsWith('/logout')) {
- sessionStorage.setItem(UNAUTHORIZED_PATH, pathname ?? `${window.location.pathname}${window.location.search}`);
+ sessionStorage.setItem(UNAUTHORIZED_PATH, path);
 }
 };
 export const getUnauthorizedPathFromSession = () => sessionStorage.getItem(UNAUTHORIZED_PATH);
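Review bot: In the `src/loginServices.js` hunk at `@@ -125,7 +125,7 @@`, `setUnauthorizedPathToSession` saves any string that does not begin with `/logout`, and `OIDCRedirect` later returns that string as the post-login destination. Because the value drives navigation, the guard could also require an in-app path, e.g. `if (path.startsWith('/') && !path.startsWith('//') && !path.startsWith('/logout')) {`, so a caller-supplied `pathname` that is an absolute or protocol-relative URL is never stored. How the consumer navigates is outside this hunk, so treat this as defence in depth rather than a confirmed open redirect. A short JSDoc comment stating that the stored value is a same-origin path plus query string would make the contract explicit.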
@@ -514,6 +514,9 @@ export async function logout(okapiUrl, store) {
 localStorage.removeItem(SESSION_NAME);
 localStorage.removeItem(RTR_TIMEOUT_EVENT);
+ // Clear saved entry path so that subsequent logins will use default base URL.
+ removeUnauthorizedPathFromSession();
+
 store.dispatch(setIsAuthenticated(false));
 store.dispatch(clearCurrentUser());
 store.dispatch(clearOkapiToken());
From 00c40bda6c3c63cd47f09962097680d32d65fb7c Mon Sep 17 00:00:00 2001
From: Ryan Berger
Date: Mon, 9 Sep 2024 14:25:48 -0400
Subject: [PATCH 2/3] Moving removeUnauthorizedPathFromSession() to OIDCRedirect so the value is cleared right after being used rather than on logout
---
 src/components/OIDCRedirect.js | 10 +++++++---
 src/loginServices.js | 3 ---
 2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/src/components/OIDCRedirect.js b/src/components/OIDCRedirect.js
index c224b3dad..af4c348dd 100644
--- a/src/components/OIDCRedirect.js
+++ b/src/components/OIDCRedirect.js
@@ -1,7 +1,9 @@
 import { withRouter, Redirect, useLocation } from 'react-router';
 import queryString from 'query-string';
 import { useStripes } from '../StripesContext';
-import { getUnauthorizedPathFromSession } from '../loginServices';
+import { getUnauthorizedPathFromSession, removeUnauthorizedPathFromSession } from '../loginServices';
+
+const unauthorizedPath = getUnauthorizedPathFromSession();
 /**
 * OIDCRedirect authenticated route handler for /oidc-landing.
@@ -29,8 +31,10 @@ const OIDCRedirect = () => {
 const getUrl = () => {
 if (stripes.okapi.authnUrl) {
- const unauthorizedPath = getUnauthorizedPathFromSession();
- if (unauthorizedPath) return unauthorizedPath;
+ if (unauthorizedPath) {
+ removeUnauthorizedPathFromSession();
+ return unauthorizedPath;
+ }
 }
 const params = getParams();
diff --git a/src/loginServices.js b/src/loginServices.js
index 2affc81aa..4f05d7c13 100644
--- a/src/loginServices.js
+++ b/src/loginServices.js
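Review bot: In `src/components/OIDCRedirect.js` (`@@ -1,7 +1,9 @@`, patch 2/3), `const unauthorizedPath = getUnauthorizedPathFromSession();` runs once when the module is first evaluated rather than when the component mounts, so the value depends on bundle load order and stays in memory after sessionStorage has been cleared. If the route is reached again without a full page reload, the already-consumed path would be reused. Reading it inside the component with a lazy initializer, `const [unauthorizedPath] = useState(() => getUnauthorizedPathFromSession());`, keeps it stable across re-renders and ties it to the mount; this needs `useState` imported from `react`, which the visible import lines do not include. The comment added in patch 3/3 (`@@ -3,6 +3,8 @@`) says "at top of component", but the declaration sits at module scope; if the constant stays there, the comment should say so.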
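Review bot: `removeUnauthorizedPathFromSession()` is now the only place the saved path is cleared, and it sits inside `getUrl` behind both `stripes.okapi.authnUrl` and a truthy `unauthorizedPath` (`@@ -29,8 +31,10 @@` in `src/components/OIDCRedirect.js`). A path saved for a login that is abandoned, or completed through a flow that never reaches this branch, stays in sessionStorage for the life of the tab and would steer the next sign-in there, which matters on shared workstations; the same commit drops the clear from `logout()` in `src/loginServices.js`. Keeping `removeUnauthorizedPathFromSession();` in `logout()` as well would cover that case. Separately, if `getUrl` is called while rendering (its call site is outside the hunk), the storage write is a render-time side effect and would fit better in a `useEffect`. `getUrl` continues past the end of the hunk.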
@@ -514,9 +514,6 @@ export async function logout(okapiUrl, store) {
 localStorage.removeItem(SESSION_NAME);
 localStorage.removeItem(RTR_TIMEOUT_EVENT);
- // Clear saved entry path so that subsequent logins will use default base URL.
- removeUnauthorizedPathFromSession();
-
 store.dispatch(setIsAuthenticated(false));
 store.dispatch(clearCurrentUser());
 store.dispatch(clearOkapiToken());
From 6aa90cdef5cb1a36a5015e15f6adfcd03483b32c Mon Sep 17 00:00:00 2001
From: Ryan Berger
Date: Mon, 9 Sep 2024 14:29:09 -0400
Subject: [PATCH 3/3] Add comment
---
 src/components/OIDCRedirect.js | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/src/components/OIDCRedirect.js b/src/components/OIDCRedirect.js
index af4c348dd..9d463fe9a 100644
--- a/src/components/OIDCRedirect.js
+++ b/src/components/OIDCRedirect.js
@@ -3,6 +3,8 @@ import queryString from 'query-string';
 import { useStripes } from '../StripesContext';
 import { getUnauthorizedPathFromSession, removeUnauthorizedPathFromSession } from '../loginServices';
+// Setting at top of component since value should be retained during re-renders
+// but will be correctly re-fetched when redirected from Keycloak login page.
 const unauthorizedPath = getUnauthorizedPathFromSession();
 /**