With WildFly-OIDC-Keycloak, exception after being redirected to /fr/auth

[avernet]

The error in the logs is as follows.

Cannot invoke "java.lang.CharSequence.length()" because "this.text" is null

To reproduce:

1. In the user menu, click "Login."
2. We are redirected to a URL like /fr/auth?source=/fr/a/a/new. WildFly redirects us to Keycloak, passing a redirect_uri request parameter that doesn't include the source. Log in.
3. We are redirected to /fr/auth, which cannot find the source.

[avernet]

One possibility would be to:

1. Only have /fr/auth protected in the web.xml (which is the default), so requests would always reach Orbeon Forms.
2. Have Orbeon Forms save the current path in the session or a cookie (if the session is cleared during login).
3. Optionally, if user authentication is always required, redirect users to /fr/auth.
4. Here, WildFly would take over, redirect the user to the identity provider, and if authentication is successful, the user will end up back on /fr/auth.
5. Orbeon Forms would then retrieve the previously saved path and redirect the user to that path.

[avernet]

WildFly does support passing query parameters, but do this to work it has to be started with -Dwildfly.elytron.oidc.allow.query.params=true, e.g. adding the following to the compose.yml.

environment:
  - JAVA_OPTS=-Dwildfly.elytron.oidc.allow.query.params=true