Project

General

Profile

Actions

action #89710

closed

Add redirection after login compatible to the new IDP login system size:M

Added by okurz about 3 years ago. Updated over 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Feature requests
Target version:
Start date:
2021-03-09
Due date:
% Done:

0%

Estimated time:

Description

Motivation

Before there was a new IDP login system put in place at SUSE redirection to the page where a user started a login from still worked. This seems to have regressed as the user is always redirected to the openQA index page after login, see #68287 . We can try to support the new IDP login system with adding necessary config to the openid.return-to value or something

Acceptance criteria

  • AC1: After login from a subpage, e.g. /tests, the user is redirected to the same page

Suggestions

  • Try the suggestion from #68287#note-5
  • Configure local instance to use the openID authentication, try it out, mock for tests

Related issues 1 (0 open1 closed)

Related to openSUSE admin - tickets #68287: openqa redirects to startpage after login since new IDP was introducedRejectedbmwiedemann2020-06-22

Actions
Actions #1

Updated by okurz about 3 years ago

  • Related to tickets #68287: openqa redirects to startpage after login since new IDP was introduced added
Actions #2

Updated by dheidler over 2 years ago

https://progress.opensuse.org/issues/68287 #68287 was rejected with the note that this is something we can fix.

So I would increase the priority here and handle it in the next estimating.

Actions #3

Updated by okurz over 2 years ago

  • Subject changed from Add redirection after login compatible to the new IDP login system to Add redirection after login compatible to the new IDP login system size:M
  • Description updated (diff)
  • Status changed from New to Workable
  • Priority changed from Low to Normal
  • Target version changed from future to Ready
Actions #4

Updated by dheidler over 2 years ago

  • Status changed from Workable to In Progress
  • Assignee set to dheidler
Actions #5

Updated by dheidler over 2 years ago

  • Status changed from In Progress to Feedback
Actions #6

Updated by dheidler over 2 years ago

  • Status changed from Feedback to Resolved
Actions #7

Updated by livdywan over 2 years ago

dheidler wrote:

https://github.com/os-autoinst/openQA/pull/4151

Did you test that this works in production? I just tried to visit https://openqa.opensuse.org/admin/users which prompted me to login and then sent me back to the homepage.

Actions #8

Updated by dheidler over 2 years ago

It works when you are on a non-admin page before you login.
It seems that the automated redirect to login that happens when accessing an admin page without being already logged in is not working.
I will have a look.

Actions #9

Updated by dheidler over 2 years ago

  • Status changed from Resolved to In Progress
Actions #10

Updated by dheidler over 2 years ago

The problem is that if an admin-only or operator-only page is accessed without a session the user is redirected to /login:

sub ensure_operator {
    my ($self) = @_;
    $self->redirect_to('login')                       and return undef unless $self->current_user;
    $self->render(text => "Forbidden", status => 403) and return undef unless $self->is_operator;
    return 1 if $self->req->method eq 'GET' || $self->valid_csrf;
    $self->render(text => 'Bad CSRF token!', status => 403);
    return undef;
}

sub ensure_admin {
    my ($self) = @_;
    $self->redirect_to('login')                       and return undef unless $self->current_user;
    $self->render(text => "Forbidden", status => 403) and return undef unless $self->is_admin;
    return 1 if $self->req->method eq 'GET' || $self->valid_csrf;
    $self->render(text => 'Bad CSRF token!', status => 403);
    return undef;
}

When a 302-redirect is performed, the browser is sending the original referrer (the page that the user was on before he clicked the link pointing to the admin page) and not the admin page itself, which initiated the redirect.

Actions #11

Updated by dheidler over 2 years ago

  • Status changed from In Progress to Feedback
Actions #12

Updated by dheidler over 2 years ago

  • Status changed from Feedback to Resolved
Actions

Also available in: Atom PDF