Bug 1579746 - [3.7] Invalid request Client state could not be verified [NEEDINFO]
Summary: [3.7] Invalid request Client state could not be verified
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Management Console
Version: 3.7.1
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 3.6.z
Assignee: Samuel Padgett
QA Contact: Yadan Pei
URL:
Whiteboard:
Depends On: 1537120
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-05-18 08:52 UTC by Nicolas Nosenzo
Modified: 2018-05-29 21:58 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1537120
Environment:
Last Closed: 2018-05-29 21:58:59 UTC
Target Upstream Version:
spadgett: needinfo? (nnosenzo)


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2018:1106 None None None 2018-05-18 08:52:30 UTC

Comment 1 Nicolas Nosenzo 2018-05-18 08:57:16 UTC
This is still reproducible on OCP v3.7.44 by following these steps:

1) Open tab A to the console, let it redirect you to the login page, DO NOT LOG IN
2) Open tab B to the console, let it redirect you to the login page
3) Complete the log in from tab B, it will succeed
4) Complete the log in from tab A, it will fail wth "Client state could not be verified"


The fix within the origin-web-common (PR [0]) repo is included only for versions 3.7.1 and 3.7.2 but not for 3.7.0, I'm wondering if we can check whether the correct origin-web-common repo was taken for v3.7.42+.



[0] https://github.com/openshift/origin-web-common/pull/286/files

Comment 2 Samuel Padgett 2018-05-18 16:23:57 UTC
The steps you list are expected. See

https://bugzilla.redhat.com/show_bug.cgi?id=1537120#c2

> What this will not change - once you log in through any of the tabs, the nonce will be destroyed so that it can not be reused, this is an intentional security measure. This means any other tabs still sitting on the log in page, you will not be able to just log in on those tabs, you will need to hit the back button to go back to the console.

Comment 3 Samuel Padgett 2018-05-18 16:46:55 UTC
Confirming that are you are able to login in using one of the tabs? It's only the second that fails?

Comment 4 Samuel Padgett 2018-05-29 21:58:59 UTC
Closing since this is working as intended based on the description.


Note You need to log in before you can comment on or make changes to this bug.