Description of problem: user is logged out only once when we have inactivityTimeoutSeconds in cm/console-config Version-Release number of selected component (if applicable): 4.6.0-0.nightly-2020-08-02-091622 How reproducible: Always Steps to Reproduce: 1. configure oauthclient/console with accessTokenInactivityTimeoutSeconds $ oc edit oauthclient console .... accessTokenInactivityTimeoutSeconds: 300 .... oauthclient.oauth.openshift.io/console edit 2. console pods will be recreated and cm/console-config will be updated accordingly oc get cm console-config -n openshift-console -o yaml | grep inactivity inactivityTimeoutSeconds: 300 3. open console in browser, keep the tab open but do nothing, wait for 5 minutes even longer Actual results: 3. After we added inactivityTimeoutSeconds the first time, user will be logged out after 5 minutes. But a user will never forced logout out again after that even he did nothing in console. In F12 console, we can print windows.SERVER_FLAGS.inactivity_timeout and its value is 300 Expected results: 3. User should be logged out if he hasn't perform operations for more than inactivityTimeoutSeconds Additional info:
1. set accessTokenInactivityTimeoutSeconds with 300 for oauthclient/console # oc patch oauthclient console -p '{"accessTokenInactivityTimeoutSeconds":300}' --type='merge' 2. verify the value of inactivityTimeoutSeconds in cm/console-config # oc get cm console-config -n openshift-console -o yaml | grep inactivity inactivityTimeoutSeconds: 300 3. user login and keep console open for more than 5 minutes, user will be forced logout 4. user login again and wait for another 5 minutes, he will be forced logged out again Verified on 4.6.0-0.nightly-2020-08-10-233406
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4196