Bug #20264
closed
"invalid return_to parameter: requesting site is not listed in TrustedClients config" on logout
Added by Peter Amstutz about 1 year ago.
Updated about 1 year ago.
Release relationship:
Auto
Description
When I get sent to the logout endpoint, I get this error
{"errors":["invalid return_to parameter: requesting site is not listed in TrustedClients config"]}
I think this is a bug in the log out process because it happens on clusters where I was able to log in. It's annoying.
- Description updated (diff)
Suspect this is happening because config Workbench2.ExternalURL has a redundant ":443". The validation in source:lib/controller/localdb/login.go does this:
u, err = u.Parse("/")
if err != nil {
return err
}
if u.Port() == "80" && u.Scheme == "http" {
u.Host = u.Hostname()
} else if u.Port() == "443" && u.Scheme == "https" {
u.Host = u.Hostname()
}
if _, ok := cluster.Login.TrustedClients[arvados.URL(*u)]; ok {
return nil
}
if u.String() == cluster.Services.Workbench1.ExternalURL.String() ||
u.String() == cluster.Services.Workbench2.ExternalURL.String() {
return nil
}
This should also strip redundant :443 and :80 from the config ExternalURL values too before doing the comparison.
- Target version changed from Future to Development 2023-03-29 Sprint
- Assigned To set to Tom Clegg
- Status changed from New to In Progress
- Target version changed from Development 2023-03-29 Sprint to Development 2023-04-12 sprint
- Status changed from In Progress to Resolved
Also available in: Atom
PDF
Updated by 
Updated by