Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sign In Failed: TimeoutError: Timeout awaiting 'request' for 2500ms #1

Closed
SamuelBradley opened this issue Aug 6, 2021 · 5 comments
Closed

Sign In Failed: TimeoutError: Timeout awaiting 'request' for 2500ms #1

SamuelBradley opened this issue Aug 6, 2021 · 5 comments

Comments

@SamuelBradley
Copy link

Getting error when attempting to login using an OIDC connection.
Sign In Failed: TimeoutError: Timeout awaiting 'request' for 2500ms

Happens consistently on the first login attempt and usually works on the second attempt, with an OIDC connection to AWS Cognito. Doing some searching around the internets It may be linked to a default value in an OIDC middleware library. (https://devforum.okta.com/t/timeouterror-timeout-awaiting-request-for-2500ms/9878/5) Is the only related post on this issue I could find.

I've tried setting the timeout value for this plugin, but the default value of 10000ms already far exceeds the value cause an error.
@SamuelBradley
Copy link
Author

SamuelBradley commented Aug 6, 2021
edited
Loading

We are using version 1.1.0 of the plugin

- name: magda-auth-oidc
    version: 1.1.0
    repository: https://charts.magda.io
    tags:
      - all
      - magda-auth-oidc

@t83714
Copy link
Contributor

t83714 commented Aug 24, 2021

AWS cognito is not a standard OIDC implementation --- its implementation seems have some bug with URL encoding and incorrectly generate "nonce" when federate Active Directory.
We internally have a customised version to accommodate those issues --- I might release it sometime in future after make it more generic (it won't be in short term)
For your error, I suspect it's a different issue.

Have you add the OIDC issuer in your Magda config? Could you please provide your config?

@SamuelBradley
Copy link
Author

SamuelBradley commented Aug 24, 2021
edited
Loading

Thanks for the response this is our OIDC magda config

# Cognito OIDC config
# Note: `issuer` & `clientId` are supplied through the `magda-oidc-config` secret
magda-auth-oidc:
  authPluginConfig:
    name: "XT Users"
  issuerName: "xt-dev-cognito-oidc"
  scope: "openid email"
  timeout: 10000

@t83714
Copy link
Contributor

t83714 commented Aug 24, 2021

I don't think you can supplied "issuer" via secret?
It's passing from config here:

magda-auth-oidc/deploy/magda-auth-oidc/templates/deployment.yaml

Line 54 in ae58b51

"--issuer", {{ .Values.issuer | required "`issuer` is required for `magda-auth-oidc` chart." | quote }}

@t83714 t83714 mentioned this issue Oct 13, 2021
Merged
2 tasks
@t83714
Copy link
Contributor

t83714 commented Oct 13, 2021

@SamuelBradley
I think this PR: #3 might fix your timeout issue.
Could you please have a test to see if it solves your issue? Thanks!
You can use test release version 1.2.2-alpha.0 to test it.

@t83714 t83714 closed this as completed in 92357ed Aug 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@t83714 @SamuelBradley