Sign in before redirect

src/VirtoCommerce.Platform.Web/Controllers/ExternalSignInController.cs

@@ -117,16 +117,13 @@ public async Task<ActionResult> SignOut(string authenticationType)
         [AllowAnonymous]
         public async Task<ActionResult> SignInCallback(string returnUrl)
         {
-            if (!Url.IsLocalUrl(returnUrl))
-            {
-                return Redirect(GetHomeUrl());
-            }
-
             var signInResult = await _externalSignInService.SignInAsync();
 
-            return signInResult.Success
-                ? Redirect(returnUrl)
-                : Redirect(GetHomeUrl());
+            var redirectUrl = signInResult.Success && Url.IsLocalUrl(returnUrl)
+                ? returnUrl
+                : GetHomeUrl();
+
+            return Redirect(redirectUrl);
         }
 
         [HttpGet]

src/VirtoCommerce.Platform.Web/Security/ExternalSignInService.cs

@@ -49,18 +49,11 @@ public ExternalSignInService(
         [Obsolete("Not being called. Use SignInAsync()", DiagnosticId = "VC0009", UrlFormat = "https://docs.virtocommerce.org/products/products-virto3-versions/")]
         public virtual async Task<string> ProcessCallbackAsync(string returnUrl, IUrlHelper urlHelper)
         {
-            var homeUrl = urlHelper.Action("Index", "Home") ?? "/";
-
-            if (!urlHelper.IsLocalUrl(returnUrl))
-            {
-                return homeUrl;
-            }
-
             var signInResult = await SignInAsync();
 
-            return signInResult.Success
+            return signInResult.Success && urlHelper.IsLocalUrl(returnUrl)
                 ? returnUrl
-                : homeUrl;
+                : urlHelper.Action("Index", "Home") ?? "/";
         }
 
         public virtual async Task<ExternalSignInResult> SignInAsync()