Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

UI: Fix OIDC login in fullscreen #19071

Merged
merged 3 commits into from
Feb 8, 2023

Conversation

hashishaw
Copy link
Contributor

Resolves Issue #17584

In a browser fullscreen mode, there was a race condition where the new tab triggered close before the OIDC flow was finished.

Behavior before
Before - error when fullscreen

Locally we increased the timeout, which is a bad experience but shows that the core issue was the close being triggered too soon:
After - timeout bump

With the fix, we manually call close window after the OIDC succeeds, or when canceling login:
After - with fix

@hashishaw hashishaw added this to the 1.10.11 milestone Feb 8, 2023
@hashishaw hashishaw added backport/1.10.x ui bug Used to indicate a potential bug labels Feb 8, 2023
return this.handleOIDCError();
}
if (event.data.source === 'oidc-callback') {
if (event.data.source === 'oidc-callback' && event.isTrusted && event.origin === thisWindow.origin) {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While I'm in here, pulled in the change from ##18521

@hashishaw hashishaw marked this pull request as ready for review February 8, 2023 18:06
Copy link
Contributor

@zofskeez zofskeez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This all looks good to me. Thanks for pulling in the updates from that other PR too! Just a comment to remove WAIT_TIME. 🚀

Comment on lines -149 to -151
later(() => {
this.closeWindow(oidcWindow);
}, WAIT_TIME);
Copy link
Contributor

@zofskeez zofskeez Feb 8, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm just wondering why this pause was needed in the first place and if there might be a case where removing it will cause a regression? Or was the timeout the problem in the first place?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, if we don't need it then the WAIT_TIME variable can also be removed.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The WAIT_TIME variable is used other places 👍

My suspicion is that we wanted to close the window no matter the outcome of the next request, so wrapping this in a later loop prevented duplicative code. I tested that the window closes if the adapter method errors out and tried to handle all cases.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Gotcha thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Used to indicate a potential bug ui
Projects
None yet
Development

Successfully merging this pull request may close these issues.

OIDC login fails when using Firefox in fullscreen on macOS
2 participants