Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

server: refreshing initial login screen creates new auth requests #646

Closed
ericchiang opened this issue Oct 28, 2016 · 2 comments
Closed

server: refreshing initial login screen creates new auth requests #646

ericchiang opened this issue Oct 28, 2016 · 2 comments
Labels
priority/P2 v2

Comments

@ericchiang
Copy link
Contributor

Few things we could do:

  1. Do an initial redirect so the user gets dropped at a screen with the req= parameter (fixes the refreshing).
  2. Don't persist auth data until we redirect the user to a remote provider..

Also, we need to do rate limiting.
@ericchiang ericchiang changed the title server: refreshing page on initial login screen creates new auth requests server: refreshing initial login screen creates new auth requests Oct 28, 2016
@ericchiang
Copy link
Contributor Author

Don't persist auth data until we redirect the user to a remote provider..

FYI this also fixes issues when users suspend their screen and their auth request gets gc'd. I think the second option is a more correct one and would solve other problem.

@ericchiang ericchiang self-assigned this Dec 7, 2016
@ericchiang ericchiang mentioned this issue Dec 14, 2016
Closed
@ericchiang ericchiang mentioned this issue Feb 2, 2017
Merged
@ericchiang ericchiang mentioned this issue May 23, 2017
Open
@rithujohn191 rithujohn191 added this to the v2.5.0 milestone May 23, 2017
This was referenced Sep 10, 2018
Open
Closed
@srenatus srenatus mentioned this issue Nov 28, 2018
Closed
@ericchiang ericchiang removed their assignment Jul 6, 2019
@sagikazarmark sagikazarmark removed this from the v2.5.0 milestone Jan 20, 2020
@al45tair al45tair mentioned this issue Nov 13, 2020
Closed
al45tair added a commit to WorldProgrammingLtd/dex that referenced this issue Nov 16, 2020
@al45tair
fix: defer creation of auth request.
f46c9f6 
Rather than creating the auth request when the user hits /auth, pass
the arguments through to /auth/{connector} and have the auth request
created there.  This prevents a database error when using the "Select
another login method" link, and also avoids a few other error cases.

Fixes dexidp#1849, dexidp#646.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
@al45tair al45tair mentioned this issue Nov 16, 2020
Merged
al45tair added a commit to WorldProgrammingLtd/dex that referenced this issue May 21, 2021
@al45tair
fix: defer creation of auth request.
cdbb5dd 
Rather than creating the auth request when the user hits /auth, pass
the arguments through to /auth/{connector} and have the auth request
created there.  This prevents a database error when using the "Select
another login method" link, and also avoids a few other error cases.

Fixes dexidp#1849, dexidp#646.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
@nabokihms
Copy link
Member

The issue was fixed in Dex v2.29.0
#1865

There is no need to keep track of this issue further. If you found this issue and still have a problem with auth requests, please open a new issue or discussion.

elffjs pushed a commit to DIMO-Network/dex that referenced this issue Jun 27, 2022
@al45tair @elffjs
fix: defer creation of auth request.
324f380 
Rather than creating the auth request when the user hits /auth, pass
the arguments through to /auth/{connector} and have the auth request
created there.  This prevents a database error when using the "Select
another login method" link, and also avoids a few other error cases.

Fixes dexidp#1849, dexidp#646.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
priority/P2 v2
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@sagikazarmark @ericchiang @rithujohn191 @nabokihms