Potential Bug: CallbackPath issue

[a-tok]

• [x ] I read and understood how to enable logging

Question / Issue

Hello,

I am noticing weird behavior with IdentityServer3.
I have one instance of ADFS as an external provider and some other provider types e.g. Google.
On the custom login screen, instead of having buttons for each external provider, I have a button which toggles between the standard login fields and sso fields (to improve user experience).

The sso fields are just the username input, with the hidden password input, and another hidden input that's always set to true. I perform the home realm discovery based on the input the user types into the username field. I set the password to some random string for the request to go through. The hidden input flag is needed to signal IdentityServer to treat the username as a realm/domain. This was working well for at least a year.

Now a new requirement came in to add an additional ADFS as an external provider. That means, I had to add the CallbackPath property to the WsFederationAuthenticationOptions for each of the ADFS providers.

For some reason the hidden input flag stopped coming through as soon as I added the CallbackPath. Looking at the developer tools network trace the value is being posted to identity server, e.g https://localhost/core/login?signin=asdfasdf.
However, once the request gets to my home realm discovery user service, the flag isn't there.

I was checking the parameters by looking at HttpContext.Current.Request.Params but now I have resort to checking of the SignInMessage.Password property to use as a flag, which is not ideal.

Any ideas what could cause the behavior?

Thanks in advance.

Relevant parts of the log file

[brockallen]

No idea. Sorry.