fix: Redirect non-enterprise SAML to authn MFE

The original request was that enterprise users with tpa hint and SAML should not be redirected to MFE. The current condition also excludes regular non-enterprise users with SAML authentication from the MFE.
openedx · Nov 22, 2024 · 1ea8996 · 1ea8996
1 parent e440405
commit 1ea8996
Showing 1 changed file with 3 additions and 10 deletions.
diff --git a/openedx/core/djangoapps/user_authn/views/login_form.py b/openedx/core/djangoapps/user_authn/views/login_form.py
@@ -187,12 +187,7 @@ def login_and_registration_form(request, initial_mode="login"):
             log.exception("Unknown tpa_hint provider: %s", ex)
 
     # Redirect to authn MFE if it is enabled
-    # AND
-    #   user is not an enterprise user
-    # AND
-    #   tpa_hint_provider is not available
-    # AND
-    #   user is not coming from a SAML IDP.
+    # except if user is an enterprise user with tpa_hint_provider coming from a SAML IDP.
     saml_provider = False
     running_pipeline = pipeline.get(request)
     if running_pipeline:
@@ -202,10 +197,8 @@ def login_and_registration_form(request, initial_mode="login"):
 
     enterprise_customer = enterprise_customer_for_request(request)
 
-    if should_redirect_to_authn_microfrontend() and \
-            not enterprise_customer and \
-            not tpa_hint_provider and \
-            not saml_provider:
+    if should_redirect_to_authn_microfrontend() and not \
+        (enterprise_customer and tpa_hint_provider and saml_provider):
 
         # This is to handle a case where a logged-in cookie is not present but the user is authenticated.
         # Note: If we don't handle this learner is redirected to authn MFE and then back to dashboard