
[Bug] 401 Unauthorised Error because of an old auth token used when coming back from study to studies list.

Open pavel-kaiko opened this issue 1 year ago • 4 comments

Describe the Bug

If we use authentication, such as Keycloak, with OHIF, we encounter an issue when returning from the study to the study list. Instead of returning, we encounter the 401 Error and are redirected to the /not found server URL. This happens if we spend more than 5 minutes on the study (token refresh time).

Based on our investigation, the application uses an outdated token. It works as expected if we manually copy the latest refreshed token from the network tab and make a network call.

Steps to Reproduce

  1. Use OHIF with authentication.
  2. Go to the study page.
  3. Stay on a study page longer than the token refresh time.
  4. Go to the studies list.

The current behavior

When we go to the studies list after a time longer than the token refresh cycle, we get the 401 Error.

The expected behavior

The OHIF application should update the token in the request properly, and we should be able to access the studies list without any issues.

OS

macOS 14.5 (23F79)

Node version

v18.20.3

Browser

125.0.6422.113 (Official Build) (arm64)

pavel-kaiko avatar May 29 '24 09:05 pavel-kaiko
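
Added example (not part of the original report and not OHIF's code): one common way a client ends up sending an outdated token, as the report above describes, is building the `Authorization` header once and reusing it after the session's token has been refreshed. All names here are hypothetical, the clock is simulated, and the 300-second lifetime mirrors the 5 minutes mentioned in the report.

```javascript
// Constructed illustration: makeIdp, makeSession, staleClient and freshClient
// are hypothetical names, not OHIF or Keycloak APIs. Time is in seconds.
const TOKEN_LIFETIME = 300; // 5 minutes, as in the report

function makeIdp(clock) {
  const issued = new Map(); // token string -> expiry time
  let serial = 0;
  return {
    issue() {
      const token = `tok-${++serial}`;
      issued.set(token, clock.now + TOKEN_LIFETIME);
      return token;
    },
    isValid: (token) => (issued.get(token) ?? -1) > clock.now,
  };
}

// Resource server: 200 for an unexpired bearer token, 401 otherwise.
function studyList(idp, headers) {
  const m = /^Bearer (.+)$/.exec(headers.Authorization || '');
  return m && idp.isValid(m[1]) ? 200 : 401;
}

// Session holding the current token; refresh() swaps in a new one.
function makeSession(idp) {
  let token = idp.issue();
  return { current: () => token, refresh: () => { token = idp.issue(); } };
}

// Weak pattern: header is a snapshot taken once at construction.
function staleClient(idp, session) {
  const headers = { Authorization: `Bearer ${session.current()}` };
  return { getStudyList: () => studyList(idp, headers) };
}

// Corrected pattern: header is resolved from the session on every request.
function freshClient(idp, session) {
  return { getStudyList: () =>
    studyList(idp, { Authorization: `Bearer ${session.current()}` }) };
}

function simulate() {
  const clock = { now: 0 };
  const idp = makeIdp(clock);
  const session = makeSession(idp);
  const stale = staleClient(idp, session), fresh = freshClient(idp, session);
  const atStart = [stale.getStudyList(), fresh.getStudyList()];
  clock.now = 240; session.refresh(); // token refreshed before expiry
  clock.now = 360;                    // first token expired at t=300
  return { atStart, afterRefresh: [stale.getStudyList(), fresh.getStudyList()] };
}
```
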

The current state of OHIF utilizes the Implicit Flow. I have a plan to migrate our authentication to the Authorization Code with Refresh Token flow, allowing a refresh token to be used for maintaining the signed-in state.

sedghi avatar May 29 '24 16:05 sedghi

Thanks, @sedghi, for picking this up.

pavel-kaiko avatar May 30 '24 09:05 pavel-kaiko

related #4101

james-hanks avatar Jun 19 '24 17:06 james-hanks

Fixed here https://github.com/OHIF/Viewers/pull/4234

sedghi avatar Jul 09 '24 18:07 sedghi

We released OHIF 3.9, which addresses this issue.

sedghi avatar Nov 13 '24 15:11 sedghi