Bug 1862934 - user is logged out only once when we have inactivityTimeoutSeconds in cm/console-config
Summary: user is logged out only once when we have inactivityTimeoutSeconds in cm/cons...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Management Console
Version: 4.6
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 4.6.0
Assignee: Jakub Hadvig
QA Contact: Yadan Pei
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-08-03 09:14 UTC by Yadan Pei
Modified: 2020-10-27 16:22 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-10-27 16:22:03 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift console pull 6189 0 None closed Bug 1862934: Trigger the inactivity logout method when Masthead component is mounted 2020-10-06 05:43:52 UTC
Red Hat Product Errata RHBA-2020:4196 0 None None None 2020-10-27 16:22:22 UTC

Description Yadan Pei 2020-08-03 09:14:18 UTC 
Description of problem:
user is logged out only once when we have inactivityTimeoutSeconds in cm/console-config

Version-Release number of selected component (if applicable):
4.6.0-0.nightly-2020-08-02-091622

How reproducible:
Always

Steps to Reproduce:
1. configure oauthclient/console with accessTokenInactivityTimeoutSeconds
$ oc edit oauthclient console
....
accessTokenInactivityTimeoutSeconds: 300
....
oauthclient.oauth.openshift.io/console edit
2. console pods will be recreated and cm/console-config will be updated accordingly
oc get cm console-config -n openshift-console -o yaml | grep inactivity
      inactivityTimeoutSeconds: 300
3. open console in browser, keep the tab open but do nothing, wait for 5 minutes even longer

Actual results:
3. After we added inactivityTimeoutSeconds the first time, user will be logged out after 5 minutes. But a user will never forced logout out again after that even he did nothing in console. 
In F12 console, we can print windows.SERVER_FLAGS.inactivity_timeout and its value is 300

Expected results:
3. User should be logged out if he hasn't perform operations for more than inactivityTimeoutSeconds

Additional info:
Comment 4 Yadan Pei 2020-08-12 05:35:12 UTC 
1. set accessTokenInactivityTimeoutSeconds with 300 for oauthclient/console 
# oc patch oauthclient console -p '{"accessTokenInactivityTimeoutSeconds":300}' --type='merge'
2. verify the value of inactivityTimeoutSeconds in cm/console-config
# oc get cm console-config -n openshift-console -o yaml | grep inactivity
      inactivityTimeoutSeconds: 300
3. user login and keep console open for more than 5 minutes, user will be forced logout
4. user login again and wait for another 5 minutes, he will be forced logged out again

Verified on 4.6.0-0.nightly-2020-08-10-233406
Comment 6 errata-xmlrpc 2020-10-27 16:22:03 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:4196
Note You need to log in before you can comment on or make changes to this bug.