question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Review use of pop-ups during OIDC flow

See original GitHub issue

Issue Summary

Most other integrations of Azure AD’s OIDC I get redirected and then back. With Alerta’s integration it’s handled via a pop-up which is blocked by default on modern browsers and iOS Safari. I can get around it by going to the browser’s settings and enable pop-ups though.

Environment

  • OS: [eg. Linux, Mac, Windows]

  • API version: [eg. 6.8.1]

  • Deployment: [eg. Docker, Heroku, AWS, GCloud, self-hosted]

  • For self-hosted, WSGI environment: [eg. nginx/uwsgi, apache/mod_wsgi]

  • Database: [eg. MongoDB, Postgres]

  • Server config: Auth enabled? Yes/No Auth provider? Google, GitHub, OpenID, Basic, LDAP, etc Customer views? Yes/No (or provide the /config endpoint output)

  • web UI version: [eg. 6.8.1]

  • CLI version: [eg. 6.8.1]

To Reproduce Steps to reproduce the behavior:

  1. Go to ‘…’
  2. Click on ‘…’ or Run ‘…’
  3. Scroll down to ‘…’
  4. See error (include command output)

For web app issues, include any web browser JavaScript console errors.

Expected behavior A clear and concise description of what you expected to happen.

Screenshots If applicable, add screenshots to help explain your problem.

Additional context Add any other context about the problem here.

NOTE: Please provide as much information about your issue as possible. Failure to provide basic details about your specific environment make it impossible to know if an issue has already been fixed, can delay a response and may result in your issue being closed without a resolution.

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:6 (6 by maintainers)

github_iconTop GitHub Comments

1reaction
escoandcommented, Mar 11, 2020

When the popup was blocked by Firefox and then opened only once without giving permission to open popups automatically, the auth results in a loop and the popup never closes.

0reactions
olivlucacommented, Jun 9, 2021

Oh, now I get it, it’s because alerta is a single page application and the popup is hardcoded here.

Read more comments on GitHub >

github_iconTop Results From Across the Web

OpenID Connect Authorization Code Flow | An Overview - Curity
A thorough explanation of the OpenID Connect Authorization Code Flow. Learn how to authenticate users and clients with OIDC.
Read more >
OpenID Connect Basic Client Implementer's Guide 1.0 - draft 42
Process used to achieve sufficient confidence in the binding between the Entity and the presented Identity. Authentication Request: OAuth 2.0 ...
Read more >
Use Code Model | Authorization - Google Developers
The Google Identity Services library enables users to request an authorization code from Google using either a browser based Popup or ...
Read more >
Create OIDC app integrations - Okta Documentation
This is a simpler flow, where Okta creates an ID token and posts it directly to the first redirect URI registered for the...
Read more >
Microsoft identity platform and OAuth 2.0 authorization code flow
Use the auth code flow paired with Proof Key for Code Exchange (PKCE) and OpenID Connect (OIDC) to get access tokens and ID...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found