Invalid CSRF token error during authentication: OAuth2 Proxy update needed #21861

Closed
timurkhis opened this issue Dec 4, 2022 · 1 comment
Labels
area/che-operator Issues and PRs related to Eclipse Che Kubernetes Operator kind/bug Outline of a bug - must adhere to the bug report template. severity/P1 Has a major impact to usage or development of the system.

@timurkhis

Describe the bug

Che operator depends on a deprecated version of oauth2-proxy, which causes SSO issues with the CSRF token.

Here is a well-known third-party bug coming from oauth2-proxy 7.2.0 (currently used by che-operator):
oauth2-proxy/oauth2-proxy#817

The fix is merged and included in version 7.4.0:
oauth2-proxy/oauth2-proxy#1708

Could you please upgrade the oauth2-proxy dependency version?

Original issue:

  1. Configure the Che instance to use an SSO authentication service (for example Okta);
  2. Open one tab to the Che address and wait for the login form to appear;
  3. Open a second tab to the same Che;
  4. Log in in one of the tabs;

Expected result: the login process is successful
Actual result: unhandled error is returned: Login Failed: Unable to find a valid CSRF token. Please try again

Che version

7.57@latest

Steps to reproduce

  1. Configure the Che instance to use an SSO authentication service (for example Okta);
  2. Open one tab to the Che address and wait for the login form to appear;
  3. Open a second tab to the same Che;
  4. Log in in one of the tabs;

Expected result: the login process is successful
Actual result: unhandled error is returned: Login Failed: Unable to find a valid CSRF token. Please try again

Expected behavior

Login success

Runtime

other (please specify in additional context)

Screenshots

No response

Installation method

chectl/latest

Environment

Linux

Eclipse Che Logs

No response

Additional context

microk8s
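
A simplified model of why the two-tab steps in the report above end in a CSRF error when a proxy keeps a single CSRF cookie for every login attempt, and why one cookie per attempt avoids it. This is an added example, not code from the issue, che-operator or oauth2-proxy; the `Proxy` type, the cookie names and the premise that the failure comes from tabs sharing one CSRF cookie are assumptions made for illustration.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"fmt"
)

// Simplified model, not oauth2-proxy source; every name here is hypothetical.
type Proxy struct{ PerRequest bool } // false: one CSRF cookie shared by all tabs

func (p Proxy) cookieName(state string) string {
	if p.PerRequest {
		return "_csrf_" + state // one cookie per login attempt
	}
	return "_csrf"
}

// Start models a tab loading the login form: set cookie, return state for the IdP.
func (p Proxy) Start(jar map[string]string) string {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	state := hex.EncodeToString(b)
	jar[p.cookieName(state)] = state
	return state
}

// Callback models the redirect back: the returned state must match the cookie.
func (p Proxy) Callback(jar map[string]string, state string) error {
	name := p.cookieName(state)
	if want, ok := jar[name]; !ok || want != state {
		return fmt.Errorf("unable to find a valid CSRF token")
	}
	delete(jar, name) // single use
	return nil
}

// TwoTabLogin: two tabs open the login form, then tab 1 and tab 2 finish login.
func TwoTabLogin(p Proxy) (tab1, tab2 error) {
	jar := map[string]string{}           // cookie jar shared by both tabs
	s1, s2 := p.Start(jar), p.Start(jar) // shared cookie: s2 overwrites s1
	return p.Callback(jar, s1), p.Callback(jar, s2)
}

func main() {
	fmt.Println(TwoTabLogin(Proxy{PerRequest: false})) // tab 1 rejected
	fmt.Println(TwoTabLogin(Proxy{PerRequest: true}))  // both accepted
}
```

In the shared-cookie case the tab that opened first is rejected because its state no longer matches the stored value; with per-attempt cookies each callback finds its own value.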

@timurkhis timurkhis added the kind/bug Outline of a bug - must adhere to the bug report template. label Dec 4, 2022
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Dec 4, 2022
@tolusha
Contributor

tolusha commented Dec 5, 2022

@timurkhis
Pls, have a look at eclipse-che/che-operator#1574

@l0rd l0rd added severity/P1 Has a major impact to usage or development of the system. area/che-operator Issues and PRs related to Eclipse Che Kubernetes Operator and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Dec 6, 2022
@l0rd l0rd changed the title from "[che-operator] SSO issue coming from oauth2-proxy 7.2.0" to "Invalid CSRF token error during authentication: OAuth2 Proxy update needed" Dec 6, 2022
@tolusha tolusha closed this as completed Dec 6, 2022
@tolusha tolusha added this to the 7.58 milestone Dec 6, 2022