Project

General

Profile

Actions

Bug #20264

closed

"invalid return_to parameter: requesting site is not listed in TrustedClients config" on logout

Added by Peter Amstutz over 1 year ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
API
Story points:
-
Release relationship:
Auto

Description

When I get sent to the logout endpoint, I get this error

{"errors":["invalid return_to parameter: requesting site is not listed in TrustedClients config"]}

I think this is a bug in the log out process because it happens on clusters where I was able to log in. It's annoying.


Subtasks 1 (0 open1 closed)

Task #20276: Review 20264-trusted-clients-portnumberResolvedPeter Amstutz03/29/2023Actions
Actions #1

Updated by Peter Amstutz over 1 year ago

  • Description updated (diff)
Actions #2

Updated by Tom Clegg over 1 year ago

Suspect this is happening because config Workbench2.ExternalURL has a redundant ":443". The validation in source:lib/controller/localdb/login.go does this:

        u, err = u.Parse("/")
        if err != nil {
                return err
        }
        if u.Port() == "80" && u.Scheme == "http" {
                u.Host = u.Hostname()
        } else if u.Port() == "443" && u.Scheme == "https" {
                u.Host = u.Hostname()
        }
        if _, ok := cluster.Login.TrustedClients[arvados.URL(*u)]; ok {
                return nil
        }
        if u.String() == cluster.Services.Workbench1.ExternalURL.String() ||
                u.String() == cluster.Services.Workbench2.ExternalURL.String() {
                return nil
        }

This should also strip redundant :443 and :80 from the config ExternalURL values too before doing the comparison.

Actions #3

Updated by Tom Clegg over 1 year ago

  • Target version changed from Future to Development 2023-03-29 Sprint
  • Assigned To set to Tom Clegg
  • Status changed from New to In Progress
Actions #5

Updated by Peter Amstutz over 1 year ago

  • Release set to 57
Actions #6

Updated by Tom Clegg over 1 year ago

Actions #7

Updated by Tom Clegg over 1 year ago

  • Target version changed from Development 2023-03-29 Sprint to Development 2023-04-12 sprint
Actions #8

Updated by Peter Amstutz over 1 year ago

Tom Clegg wrote in #note-6:

20264-trusted-clients-portnumber @ 2bc1519df3f1995c852cf9bfba6e85ebd0f33c84 -- developer-run-tests: #3568

This LGTM.

Actions #9

Updated by Tom Clegg over 1 year ago

  • Status changed from In Progress to Resolved
Actions

Also available in: Atom PDF