Skip to content

Improve oauth2 idp-initiated login #13476

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 12, 2025
Merged

Improve oauth2 idp-initiated login #13476

merged 1 commit into from
Mar 12, 2025

Conversation

@MarcialRosales
Copy link
Contributor

@MarcialRosales MarcialRosales commented Mar 10, 2025
edited
Loading

Proposed Changes

This is an improvement to the /login endpoint (rabbit_mgmt_login) used for idp-initiated logons in the management ui.

The previous implementation produced a warning message in the browser the first time the form was submitted. The warning message warned the user that the form was about to be submitted again. This was because the response page to the POST request contained a javascript code that refreshed the page.

With this new change, the rabbit_mgmt_login module instead replies with a redirect 302 including a cookie with the token. This cookie is very short-lived, when the user is redirected to the Overview page of the management, the cookie is already gone.

Types of Changes

What types of changes does your code introduce to this project?
Put an x in the boxes that apply

  • Bug fix (non-breaking change which fixes issue #NNNN)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause an observable behavior change in existing systems)
  • Documentation improvements (corrections, new content, etc)
  • Cosmetic change (whitespace, formatting, etc)
  • Build system and/or CI

@MarcialRosales MarcialRosales self-assigned this Mar 10, 2025
@MarcialRosales MarcialRosales force-pushed the mgt-oauth-login-without-redirect branch from cdc8f22 to 8847fe6 Compare March 11, 2025 09:50
@MarcialRosales MarcialRosales force-pushed the mgt-oauth-login-without-redirect branch from 4951e39 to e24ffbb Compare March 12, 2025 12:10
@MarcialRosales MarcialRosales force-pushed the mgt-oauth-login-without-redirect branch from 11dcbcd to 69b5486 Compare March 12, 2025 15:48
@MarcialRosales MarcialRosales marked this pull request as ready for review March 12, 2025 16:02
@michaelklishin michaelklishin merged commit ea5345e into main Mar 12, 2025
274 checks passed
@michaelklishin michaelklishin deleted the mgt-oauth-login-without-redirect branch March 12, 2025 19:16
@mergify mergify bot mentioned this pull request Mar 12, 2025
Merged
6 tasks
michaelklishin added a commit that referenced this pull request Mar 12, 2025
@michaelklishin
Merge pull request #13502 from rabbitmq/mergify/bp/v4.1.x/pr-13476
c320d0a 
Improve oauth2 idp-initiated login (backport #13476)
@mergify mergify bot mentioned this pull request Mar 12, 2025
Merged
6 tasks
michaelklishin added a commit that referenced this pull request Mar 12, 2025
@michaelklishin
Resolve conflicts #13507 #13476 #13502
02e5b07
michaelklishin added a commit that referenced this pull request Mar 13, 2025
@michaelklishin
Merge pull request #13507 from rabbitmq/mergify/bp/v4.0.x/pr-13502
573bdad 
Improve oauth2 idp-initiated login (backport #13476) (backport #13502)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@MarcialRosales MarcialRosales

Labels

backport-v4.1.x

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@MarcialRosales @michaelklishin