-
Notifications
You must be signed in to change notification settings - Fork 4.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
UI: Fix OIDC login in fullscreen #19071
Conversation
return this.handleOIDCError(); | ||
} | ||
if (event.data.source === 'oidc-callback') { | ||
if (event.data.source === 'oidc-callback' && event.isTrusted && event.origin === thisWindow.origin) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
While I'm in here, pulled in the change from ##18521
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This all looks good to me. Thanks for pulling in the updates from that other PR too! Just a comment to remove WAIT_TIME. 🚀
later(() => { | ||
this.closeWindow(oidcWindow); | ||
}, WAIT_TIME); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm just wondering why this pause was needed in the first place and if there might be a case where removing it will cause a regression? Or was the timeout the problem in the first place?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also, if we don't need it then the WAIT_TIME
variable can also be removed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The WAIT_TIME variable is used other places 👍
My suspicion is that we wanted to close the window no matter the outcome of the next request, so wrapping this in a later loop prevented duplicative code. I tested that the window closes if the adapter method errors out and tried to handle all cases.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Gotcha thanks!
Resolves Issue #17584
In a browser fullscreen mode, there was a race condition where the new tab triggered close before the OIDC flow was finished.
Behavior before
Locally we increased the timeout, which is a bad experience but shows that the core issue was the close being triggered too soon:
With the fix, we manually call close window after the OIDC succeeds, or when canceling login: