Issue #3331870 by Chris64, PrabuEla, smustgrave, cilefen: Code error url fragment: wrong array key: key #fragment should be fragment

core/modules/user/src/Authentication/Provider/Cookie.php

@@ -130,8 +130,8 @@ class Cookie implements AuthenticationProviderInterface, EventSubscriberInterfac
         $options = UrlHelper::parse($url);
         $options['query']['check_logged_in'] = '1';
         $url = $options['path'] . '?' . UrlHelper::buildQuery($options['query']);
-        if (!empty($options['#fragment'])) {
-          $url .= '#' . $options['#fragment'];
+        if (!empty($options['fragment'])) {
+          $url .= '#' . $options['fragment'];
         }
         // In the case of trusted redirect, we have to update the list of
         // trusted URLs because here we've just modified its target URL

core/modules/user/tests/src/Unit/UserAuthTest.php

@@ -278,4 +278,54 @@ class UserAuthTest extends UnitTestCase {
     $this->assertSame("$frontend_url?check_logged_in=1", $response->getTargetUrl());
   }
 
+  /**
+   * Tests the auth that ends in a redirect from subdomain with a fragment to TLD.
+   */
+  public function testAddCheckToUrlForTrustedRedirectResponseWithFragment(): void {
+    $site_domain = 'site.com';
+    $frontend_url = "https://$site_domain";
+    $backend_url = "https://api.$site_domain";
+    $request = Request::create($backend_url);
+    $response = new TrustedRedirectResponse($frontend_url . '#a_fragment');
+
+    $request_context = $this->createMock(RequestContext::class);
+    $request_context
+      ->method('getCompleteBaseUrl')
+      ->willReturn($backend_url);
+
+    $container = new ContainerBuilder();
+    $container->set('router.request_context', $request_context);
+    \Drupal::setContainer($container);
+
+    $session_mock = $this->createMock(SessionInterface::class);
+    $session_mock
+      ->expects($this->once())
+      ->method('has')
+      ->with('check_logged_in')
+      ->willReturn(TRUE);
+    $session_mock
+      ->expects($this->once())
+      ->method('remove')
+      ->with('check_logged_in');
+
+    $event = new ResponseEvent(
+      $this->createMock(HttpKernelInterface::class),
+      $request,
+      HttpKernelInterface::MAIN_REQUEST,
+      $response
+    );
+
+    $request
+      ->setSession($session_mock);
+
+    $this
+      ->getMockBuilder(Cookie::class)
+      ->disableOriginalConstructor()
+      ->onlyMethods([])
+      ->getMock()
+      ->addCheckToUrl($event);
+
+    $this->assertSame("$frontend_url?check_logged_in=1#a_fragment", $response->getTargetUrl());
+  }
+
 }