[Bug] Logged out SSO users being redirected to regular sign in page
- This is a regression introduced by Don't enforce SSO for public groups (!114111 - merged)
- Support ticket [internal]
- Slack thread [internal]
What I see
As a logged out user of a group with SSO enforcement:
Visiting my GitLab group redirects me to https://gitlab.com/users/sign_in
What I should see
As a logged out user of a group with SSO enforcement:
Visiting my GitLab group redirects me to my group's sso_redirect_url
More context
After that MR, needs_new_sso_session returns true if:
- a group enforces SSO and
- a user is logged in
Before that MR, needs_new_sso_session returned true if:
- the group enforced SSO
needs_new_sso_session is the condition we check when deciding whether to redirect a user to the group SAML SSO login path.
That explains why logged out members of a group with SSO enforcement are now being sent to the regular sign in path.
This should be fixed so that logged out members of groups with SSO enforcement are sent to the group SAML SSO login path. The current behavior is a bug with a workaround, but it is bad UX.
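The change in the condition described under "More context", as an added example (a simplified model, not GitLab's code). `Visit`, `redirect_for`, `regressions` and the `SSO_URL` placeholder are hypothetical names, and the model assumes a logged in user is not redirected when no new SSO session is needed.

```ruby
# Simplified model of the redirect decision described in this issue.
# Not GitLab's implementation: Visit, redirect_for and regressions are hypothetical.
Visit = Struct.new(:sso_enforced, :logged_in)

SIGN_IN_URL = 'https://gitlab.com/users/sign_in'          # URL quoted in the issue
SSO_URL     = 'https://sso.example.invalid/placeholder'   # stands in for sso_redirect_url

# needs_new_sso_session before the MR: group enforcement alone.
BEFORE = ->(v) { v.sso_enforced }
# needs_new_sso_session after the MR: enforcement AND a logged in user.
AFTER  = ->(v) { v.sso_enforced && v.logged_in }

# Redirect target for a visit to the group, given one version of the condition.
# Assumption: a logged in user who needs no new SSO session is not redirected (nil).
def redirect_for(visit, needs_new_sso_session)
  return SSO_URL if needs_new_sso_session.call(visit)
  return SIGN_IN_URL unless visit.logged_in

  nil
end

# Walk every enforced/logged-in combination and keep the ones whose
# redirect target differs between the two versions of the condition.
def regressions
  rows = [true, false].product([true, false]).map do |enforced, logged_in|
    visit = Visit.new(enforced, logged_in)
    old_target = redirect_for(visit, BEFORE)
    new_target = redirect_for(visit, AFTER)
    next if old_target == new_target

    { sso_enforced: enforced, logged_in: logged_in,
      before: old_target, after: new_target }
  end
  rows.compact
end

regressions.each { |row| puts row.inspect }
```

A request spec built from the same matrix would have caught the regression, because the logged out, SSO-enforced case is the only cell whose target changes.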