Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authservice should not drop requests when invoking callback url after session expiration #91

Closed
tylerschultz opened this issue Apr 9, 2020 · 0 comments · Fixed by #92
Closed

Authservice should not drop requests when invoking callback url after session expiration #91

tylerschultz opened this issue Apr 9, 2020 · 0 comments · Fixed by #92

Comments

@tylerschultz
Copy link

If a user were to take too long to log in (a time period longer than the session timeout), the user's request will be dropped by envoy leaving the user waiting for the authservice to redirect to the app url, which will never happen. The auth service should return an http response explaining what has happened.
tylerschultz pushed a commit that referenced this issue Apr 9, 2020
@margocrawf @tylerschultz
Envoy to return 400 status instead of dropping request
6444c99 
Cause Envoy to return 400 status code when accessing callback url
when session is expired. This may happen if the user is redirected to
the IdP and takes more time to log in than the session timeout

Fixes #91

Signed-off-by: Tyler Schultz <[email protected]>
@tylerschultz tylerschultz mentioned this issue Apr 9, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Envoy to return 400 status instead of dropping request istio-ecosystem/authservice
1 participant
@tylerschultz