Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error OTP time to live (2FA sunstone) #6385

Closed
2 of 3 tasks
jloboescalona2 opened this issue Nov 7, 2023 · 0 comments · Fixed by OpenNebula/docs#2761
Closed
2 of 3 tasks

Error OTP time to live (2FA sunstone) #6385

jloboescalona2 opened this issue Nov 7, 2023 · 0 comments · Fixed by OpenNebula/docs#2761
Assignees
@jloboescalona2
Labels
Category: Sunstone Priority: High Security Sponsored Status: Accepted Type: Bug
Milestone
Release 6.8.1

Comments

@jloboescalona2
Copy link
Contributor

jloboescalona2 commented Nov 7, 2023
edited by tinova

Description
In general, the lifetime of the OTP tokens for them to be valid is 1 min.

it happens that the validation of the sunstone extends this time to 5min, this generates an error with its connection with the fireedge, since the fireedge, validates that the maximum time is 1 min and makes that the request that returns the JWT fails.

To Reproduce
A user to put the 2FA and log out.

When logging in again, do it with an expired token older than 1 min, the sunstone will allow it, it will log in, but the request made to the fireedge from the ruby will fail, this will make it try from the client (Browser) but it will also fail because the "token2FA" is not sent.

Expected behavior
it is not allowed to log in to Sunstone with tokens with life time longer than 1 min.

Details

  • Affected Component: [e.g. Sunstone]
  • Hypervisor: [e.g. KVM]
  • Version: [e.g. 5.4.12 or development]

Additional context
Add any other context about the problem here.

Progress Status

  • Code committed
  • Testing - QA
  • Documentation (Release notes - resolved issues, compatibility, known issues)
@jloboescalona2 jloboescalona2 self-assigned this Nov 7, 2023
@tinova tinova closed this as completed Nov 7, 2023
rsmontero pushed a commit that referenced this issue Nov 8, 2023
@jloboescalona2
B #6385: fix time to live (2FA sunstone) (#2805)
450443e
@tinova tinova reopened this Nov 15, 2023
@tinova tinova added this to the Release 6.8.1 milestone Nov 15, 2023
jloboescalona2 added a commit to jloboescalona2/docs that referenced this issue Nov 16, 2023
@jloboescalona2
B OpenNebula/one#6385: OTP time
a30544a
@jloboescalona2 jloboescalona2 linked a pull request Nov 16, 2023 that will close this issue
B OpenNebula/One#6385: OTP time OpenNebula/docs#2761
Merged
tinova pushed a commit to OpenNebula/docs that referenced this issue Nov 16, 2023
@jloboescalona2
B OpenNebula/one#6385: OTP time fix in resolved issues (#2761)
32d3fe5
@tinova tinova closed this as completed Nov 16, 2023
rsmontero pushed a commit that referenced this issue Mar 11, 2024
@jloboescalona2 @tinova
B #6385: fix time to live (2FA sunstone) (#2805)
09b67a2 
(cherry picked from commit 450443e)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jloboescalona2 jloboescalona2

Labels
Category: Sunstone Priority: High Security Sponsored Status: Accepted Type: Bug
Projects
None yet
Milestone
Release 6.8.1
Development

Successfully merging a pull request may close this issue.

B OpenNebula/One#6385: OTP time jloboescalona2/docs
2 participants
@tinova @jloboescalona2