vault UI: OIDC callback bug.

trafficstars

When implementing vault with our OIDC provider, the popup window never closes and the OIDC callback never succeeds. This is because the main window is listening for message events from the popup window. However, in our OIDC consent page other message events originating from Intercom are sent and these break the callback handling. This is because the code implemented in https://github.com/hashicorp/vault/pull/13133 will error if the first message event is not the one Vault expects. This PR effectively inverses the if statement so that the while loop will function properly and wait for the proper event to catch.

The events listed in the browser by executing monitorEvents(window,"message") in the browser console:

The popup window for the OIDC login flow that is being referred to:

Nov 29 '22 15:11 davidspek

All committers have signed the CLA.

Nov 29 '22 15:11 hashicorp-cla

Thank you for this contribution @DavidSpek! Would you please add a changelog file and we can get this merged?

Nov 29 '22 15:11 hashishaw

@hashishaw Thanks for the extremely quick response. I've added a changelog file and I believe all CI checks have passed.

Nov 29 '22 16:11 davidspek

I'm not sure why that docker CI test is failing. I don't think it is related to this code change.

Nov 29 '22 17:11 davidspek

@hashishaw friendly reminder ping as I know how easy it is for a PR to get lost in the noise.

Dec 01 '22 10:12 davidspek

@hashishaw @austingebauer Friendly reminder that this PR is still pending.

Dec 19 '22 11:12 davidspek

@DavidSpek @hashishaw - I can give this a review / test as well 👍

Dec 19 '22 16:12 austingebauer

Since renaming the branch causes this PR to be closed, please have a look at https://github.com/hashicorp/vault/pull/18521.

Dec 22 '22 12:12 davidspek

vault vault copied to clipboard

UI: OIDC callback bug.

vault
vault copied to clipboard