Story #16680

Ensure expired tokens are handle properly

Added by Peter Amstutz about 1 year ago. Updated about 1 year ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
Workbench2
Target version:
Start date:
08/27/2020
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Story points:
-
Release relationship:
Auto

Description

If the user attempts to use an expired token, Workbench 2 should detect that the token is expired, notify the user that they have been logged out, and send them back to the log in page.


Subtasks

Task #16758: Review 16680-expired-token-handlingResolvedPeter Amstutz


Related issues

Related to Arvados Epics - Story #16520: GxP QualificationResolved08/01/202004/30/2021

Associated revisions

Revision f17af4bf
Added by Lucas Di Pentima about 1 year ago

Merge branch '16680-expired-token-handling'
Closes #16680

Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <>

History

#1 Updated by Peter Amstutz about 1 year ago

  • Description updated (diff)
  • Tracker changed from Bug to Story

#2 Updated by Peter Amstutz about 1 year ago

#3 Updated by Peter Amstutz about 1 year ago

  • Release set to 25

#4 Updated by Peter Amstutz about 1 year ago

  • Target version set to 2020-09-09 Sprint

#5 Updated by Lucas Di Pentima about 1 year ago

  • Assigned To set to Lucas Di Pentima

#6 Updated by Lucas Di Pentima about 1 year ago

  • Status changed from New to In Progress

#7 Updated by Lucas Di Pentima about 1 year ago

Updates at arvados-workbench2|202a49e - branch 16680-expired-token-handling
Test run: https://ci.arvados.org/view/Developer/job/developer-tests-workbench2/82/

  • Enhanced commonService's error reporting in order to get the status code on the error handler.
  • Logs out user when receiving a 401 error with message "Not logged in"
  • Changed the way "Not found" dialog is shown: instead of parsing the error message, it's displayed whenever a 404 error is received.

I'm not sure how to unit test this. I think I could make an e2e test by setting the token to something invalid and checking that the login form is shown.

#8 Updated by Peter Amstutz about 1 year ago

Lucas Di Pentima wrote:

Updates at arvados-workbench2|202a49e - branch 16680-expired-token-handling
Test run: https://ci.arvados.org/view/Developer/job/developer-tests-workbench2/82/

  • Enhanced commonService's error reporting in order to get the status code on the error handler.
  • Logs out user when receiving a 401 error with message "Not logged in"
  • Changed the way "Not found" dialog is shown: instead of parsing the error message, it's displayed whenever a 404 error is received.

Tested manually, worked as expected. I noticed that if you try to download something, keep-web doesn't return good errors to the browser, but I made that a separate ticket #16774.

I'm not sure how to unit test this. I think I could make an e2e test by setting the token to something invalid and checking that the login form is shown.

I think that's a good idea. Otherwise LGTM.

#9 Updated by Lucas Di Pentima about 1 year ago

Update at arvados-workbench2|68139213
Test run: https://ci.arvados.org/view/Developer/job/developer-tests-workbench2/86/

  • Fixes Dockerfile replacing the use of deprecated MAINTAINER with LABEL.
  • Adds e2e test checking the auto-logout behaviour when using an invalid token.

#10 Updated by Peter Amstutz about 1 year ago

Lucas Di Pentima wrote:

Update at arvados-workbench2|68139213
Test run: https://ci.arvados.org/view/Developer/job/developer-tests-workbench2/86/

  • Fixes Dockerfile replacing the use of deprecated MAINTAINER with LABEL.
  • Adds e2e test checking the auto-logout behaviour when using an invalid token.

LGTM

#11 Updated by Anonymous about 1 year ago

  • Status changed from In Progress to Resolved

Also available in: Atom PDF