From 9da95493bccd91dc854a12c3e55516850578308c Mon Sep 17 00:00:00 2001 From: Josh Betz Date: Fri, 12 Apr 2019 10:53:50 -0500 Subject: [PATCH] Fix Jetpack SSO Compatibility After SSO, we successfully see the two factor verification. The problem is that the query string for SSO is like `?action=jetpack-sso&result=success&user_id=&sso_nonce=`. If we try to redirect back to that page, we get into a loop where SSO tries to login again, even though we're already logged in (and the nonce is no longer valid). We can redirect to /wp-admin/ instead of `REQEUST_URI`.
---
class.two-factor-core.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/class.two-factor-core.php b/class.two-factor-core.php
index 664e480c..f54dd009 100644
--- a/class.two-factor-core.php
+++ b/class.two-factor-core.php
@@ -307,7 +307,7 @@ public static function show_two_factor_login( $user ) {
 wp_die( esc_html__( 'Failed to create a login nonce.', 'two-factor' ) );
 }
- $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : $_SERVER['REQUEST_URI'];
+ $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : admin_url();
 self::login_html( $user, $login_nonce['key'], $redirect_to );
 }
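Review bot: The request-supplied branch of the ternary still passes `$_REQUEST['redirect_to']` to `login_html()` unslashed and unvalidated, so only the fallback became a fixed, trusted URL. Whether that value is escaped on output and checked before the post-verification redirect depends on `login_html()` and the code that handles the submitted form, neither of which is visible in this hunk. If they do not check it, the destination after a successful second factor is caller-controlled. Normalising at this point would make both branches yield a local URL: `$redirect_to = isset( $_REQUEST['redirect_to'] ) ? wp_validate_redirect( wp_unslash( $_REQUEST['redirect_to'] ), admin_url() ) : admin_url();`. The body of `show_two_factor_login()` begins above the hunk, so earlier handling of the parameter cannot be ruled out from here.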