Bug #20264
closed
"invalid return_to parameter: requesting site is not listed in TrustedClients config" on logout
Description
When I get sent to the logout endpoint, I get this error
{"errors":["invalid return_to parameter: requesting site is not listed in TrustedClients config"]}
I think this is a bug in the log out process because it happens on clusters where I was able to log in. It's annoying.
Updated by Tom Clegg over 1 year ago
Suspect this is happening because config Workbench2.ExternalURL has a redundant ":443". The validation in source:lib/controller/localdb/login.go does this:
u, err = u.Parse("/")
if err != nil {
return err
}
if u.Port() == "80" && u.Scheme == "http" {
u.Host = u.Hostname()
} else if u.Port() == "443" && u.Scheme == "https" {
u.Host = u.Hostname()
}
if _, ok := cluster.Login.TrustedClients[arvados.URL(*u)]; ok {
return nil
}
if u.String() == cluster.Services.Workbench1.ExternalURL.String() ||
u.String() == cluster.Services.Workbench2.ExternalURL.String() {
return nil
}
This should also strip redundant :443 and :80 from the config ExternalURL values too before doing the comparison.
Updated by Tom Clegg over 1 year ago
- Target version changed from Future to Development 2023-03-29 Sprint
- Assigned To set to Tom Clegg
- Status changed from New to In Progress
Updated by Tom Clegg over 1 year ago
20264-trusted-clients-portnumber @ 2bc1519df3f1995c852cf9bfba6e85ebd0f33c84 -- developer-run-tests: #3568
Updated by Tom Clegg over 1 year ago
- Target version changed from Development 2023-03-29 Sprint to Development 2023-04-12 sprint
Updated by Peter Amstutz over 1 year ago
Tom Clegg wrote in #note-6:
20264-trusted-clients-portnumber @ 2bc1519df3f1995c852cf9bfba6e85ebd0f33c84 -- developer-run-tests: #3568
This LGTM.
Updated by Tom Clegg over 1 year ago
- Status changed from In Progress to Resolved
Applied in changeset arvados|b517f68ab03879edb3cec475bd1988c2e5fe96bd.