Bug #29270: Implement refresh token mechanism for SSO - Foreman

Custom queries

3.10.0 release DONE
3.10.0 release TODO
3.11.0 release DONE
3.11.0 release TODO
3.8.1 release DONE
3.8.1 release TODO
3.9.2 release DONE
3.9.2 release TODO
All bugs by votes
All issues closed in the last 3 weeks
Easy and Trivial Issues
Easy Issues (only)
Foreman - new open issues in last 10 days
Good first issues - Foreman core
high prio open bugs
Host registration [open]
Mine
My issues closed in the last 3 weeks
old bugs
Open with target version set (aka blockers)
registration
taken-none
Team Atlas untriaged bugs
templates
Trivial Issues
Untriaged and opened in the past two weeks

Actions

Copy link

Bug #29270

closed

Implement refresh token mechanism for SSO

Added by Rahul Bajaj about 4 years ago. Updated almost 4 years ago.

Status:

Duplicate

Priority:

Normal

Assignee:

Rahul Bajaj

Category:

Authentication

Target version:

Difficulty:

Triaged:

Bugzilla link:

1798489

Pull request:

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Related issues 1 (0 open — 1 closed)

Is duplicate of Foreman - Bug #29744: Consistent session expiry for oidc external users

Closed

Rahul Bajaj

Actions

Issue # Delay: days Cancel

History
Notes
Property changes

Actions

Copy link

Updated by Rahul Bajaj about 4 years ago

Description of problem:
If Access Token Lifespan is set to 5 mins then the user is getting sign out instead after idle SSO timeout

Version-Release number of selected component (if applicable):
Satellite 6.7 Snap 10

How reproducible:
Always

Steps to Reproduce:
1. Setup the Satellite with RHSSO instance and Keep Access Token Lifespan = 5 min
2. Keep SSO Session Idle = 30 mins
3. Setup the Smart Card with firefox browser and login using a smart card in Satellite
4. Go Idle for 5 mins
5. User is getting Signout from the application after 5 mins instead of 30 mins of idle session

Actual results:
User is getting Signout

Expected results:
User should not get Signout

Additional info:
This seems to be an issue with a refresh token if JWT token got expired, need to renew with the use of Refresh Token.

Actions

Copy link