fix: return_to url in registration flow not respected when user is already registered (Fix for: #2420)

[supercairos]

This commit fix kratos to properly follow the return_to query params in the registration flow if the user is already logged-in
This fix follows the same logic as in other flow as it can be seen in the login flow for exemple:

kratos/selfservice/flow/login/handler.go

Lines 423 to 430 in 11f9d30

	returnTo, redirErr := x.SecureRedirectTo(r, h.d.Config().SelfServiceBrowserDefaultReturnTo(r.Context()),
	x.SecureRedirectAllowSelfServiceURLs(h.d.Config().SelfPublicURL(r.Context())),
	x.SecureRedirectAllowURLs(h.d.Config().SelfServiceBrowserAllowedReturnToDomains(r.Context())),
	)
	if redirErr != nil {
	h.d.SelfServiceErrorManager().Forward(r.Context(), w, r, redirErr)
	return
	}

Related issue(s)

#2805
#2420

Reproducing issue(s)

On the 0.11.0:

1. add the return_to url to your config in selfservice.allowed_return_urls

selfservice:
  allowed_return_urls:
    - https://perdu.com

2. try to create a registration flow:
   http://127.0.0.1:4433/self-service/registration/browser?return_to=https://perdu.com

You should be redirected to perdu.com (if perdu.com was in your allowed_return_urls)
Notice that you're only redirected to the value you've setup in selfservice.default_browser_return_url

Checklist

• I have read the contributing guidelines.
• I have referenced an issue containing the design document if my change
  introduces a new feature.
• I am following the
  contributing code guidelines.
• I have read the security policy.
• I confirm that this pull request does not address a security
  vulnerability. If this pull request addresses a security vulnerability, I
  confirm that I got the approval (please contact
  [email protected]) from the maintainers to push
  the changes.
• I have added tests that prove my fix is effective or that my feature
  works.
• I have added or changed the documentation.

[codecov]

Codecov Report

Merging #2957 (63c2673) into master (2f9b001) will increase coverage by 0.13%.
The diff coverage is 62.50%.

❗ Current head 63c2673 differs from pull request most recent head 1e8d937. Consider uploading reports for the commit 1e8d937 to get more accurate results

@@            Coverage Diff             @@
##           master    #2957      +/-   ##
==========================================
+ Coverage   76.16%   76.30%   +0.13%     
==========================================
  Files         309      309              
  Lines       19046    19039       -7     
==========================================
+ Hits        14507    14528      +21     
+ Misses       3414     3390      -24     
+ Partials     1125     1121       -4     

Impacted Files	Coverage Δ
selfservice/flow/registration/handler.go	79.37% <62.50%> (-1.02%)	⬇️
session/handler.go	67.94% <0.00%> (ø)
selfservice/strategy/code/strategy_recovery.go	70.19% <0.00%> (ø)
selfservice/strategy/link/strategy_recovery.go	62.71% <0.00%> (ø)
courier/smtp.go	70.45% <0.00%> (+0.88%)	⬆️
persistence/sql/persister_courier.go	88.63% <0.00%> (+4.54%)	⬆️
courier/courier_dispatcher.go	69.11% <0.00%> (+25.69%)	⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[zepatrik]

Nice 👍
Thank you very much 🎉

[vinckr]

Hello @supercairos
Congrats on merging your first PR in Ory 🎉 !
Your contribution will soon be helping secure millions of identities around the globe 🌏.
As a small token of appreciation we send our first time contributors a gift package to welcome them to the community.
Please drop me an email and I will forward you the form to claim your Ory swag!