From 5200d56bd2b7567e426ba564b94e7277a447295c Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Wed, 6 Jul 2022 19:03:36 +0200
Subject: [PATCH 2/3] saml2: store current value of OPENED_SESSION_COOKIE in
 session (#67090)

---
 wcs/qommon/saml2.py    | 5 +++++
 wcs/qommon/sessions.py | 1 +
 2 files changed, 6 insertions(+)

diff --git a/wcs/qommon/saml2.py b/wcs/qommon/saml2.py
index e32b3cc2f..194e71880 100644
--- a/wcs/qommon/saml2.py
+++ b/wcs/qommon/saml2.py
@@ -375,6 +375,11 @@ class Saml2Directory(Directory):
         user = self.lookup_user(session, login)
         if user:
             session.set_user(user.id)
+            # save value of OPENED_SESSION_COOKIE for wcs.root.RootDirectory.try_passive_sso()
+            OPENED_SESSION_COOKIE = get_publisher().get_site_option('idp_session_cookie_name')
+            if OPENED_SESSION_COOKIE:
+                if OPENED_SESSION_COOKIE in get_request().cookies:
+                    session.opened_session_value = get_request().cookies[OPENED_SESSION_COOKIE]
         else:
             return error_page('Error associating user on SSO')
         session.lasso_identity_provider_id = login.remoteProviderId
diff --git a/wcs/qommon/sessions.py b/wcs/qommon/sessions.py
index 544fe090d..2ab044ddd 100644
--- a/wcs/qommon/sessions.py
+++ b/wcs/qommon/sessions.py
@@ -88,6 +88,7 @@ class Session(QommonSession, CaptchaSession, StorableObject):
     forced = False
     # should only be overwritten by authentication methods
     extra_user_variables = None
+    opened_session_value = None
 
     username = None  # only set on password authentication
 
-- 
2.35.1