[BE] Authentication flow does not set authentication cookies, breaking environments where mdmCdsShortURLAuthentication=true
Description
How to reproduce
How it works:
- Access Carol through Carol’s URL
- Log in (using Carol’s normal flow)
- You open the Carol App Clockin and it works as expected.
- You are able to see the images.
How it does not work:
- Incognito browser
- Access the clockin directly through its URL: https://icomon.carol.ai/icomon/apps/clockinapp
- It redirects to our login app flow.
- You log in
- You try to access images, and it does not work.
The following endpoint created the cookies:
curl -X 'GET' \
'https://api.carol.ai/api/v1/oauth2/token/TOKEN' \
-H 'accept: application/json'
Expected behavior
- We have to write the cookies when generating the token, on these two flows:
  - The endpoint token (responsible for the login flow) should define the cookies. Today we noticed that the endpoint to get the details of the token is responsible for defining the cookie, and no app calls it.
  - The endpoint api/v1/saml/ACS is responsible when receiving the authentication from any IDP. We have to write the cookies here also.
Quick solution to avoid blockers on clockin:
PRDE-3436: [FE] Authentication screen does not set authentication cookies, breaking ... (Done)
- Jira TOTVS issue: https://jiraproducao.totvs.com.br/browse/DLABSCAPL-4077
- Attachments:
https://jiraproducao.totvs.com.br/secure/attachment/2229819/image-2024-02-08-10-48-14-749.png; https://jiraproducao.totvs.com.br/secure/attachment/2229818/image-2024-02-08-10-48-30-075.png
TABLE 01 - General Questions
General questions (mandatory) | Answers |
---|---|
1) What is your TOTVS segment? | Answer: TOTVS RH |
2) Which product / Carol App is related? | Answer: clockinapp |
3) State the impacted environment: | https://icomon.carol.ai/icomon |
4) State the phase/stage | ( ) It is a Project ( X ) It is a Production scenario |
5) State the priority of this issue. | |
State the type of problem/question that describes your situation. | The environment https://icomon.carol.ai/icomon is just an example; this issue occurs for all customers. We noticed that the authentication cookies are set on Carol's screens but not on Carol's authentication screen, which breaks the flow when the end user goes directly to the carolapp's web frontend. This problem occurs only with the cookies; the information stored in localStorage is configured correctly (attachment: image-2024-02-08-10-48-14-749.png). When the authentication cookies are not configured correctly, the images are not displayed when shorturl authentication is enabled (attachment: image-2024-02-08-10-48-30-075.png). |
Activity
This issue was automatically transitioned to REGRESSION, as its PR was just merged into qa branch in Github.
This issue was automatically transitioned to TESTED & MERGED, as its PR was just merged into develop branch in Github. PR Approved by olivandre,douglascoimbra.
Github user douglascoimbra has just approved a PR (added as Shard Assignee in this Jira issue).
fix: https://totvslabs.atlassian.net/browse/CAPL-5509#icft=CAPL-5509 authorization cookie set when login using /token or saml auth
This issue was automatically transitioned to QA REVIEW, as its PR was just approved in Github.
@Gabriel DAmore Marciano Card validated by the QA team. It is pending only the code review
IDENTITY CONFIGURED
LOGIN SAML WITHOUT COOKIES
This issue was automatically transitioned to REVIEW, as its PR (not DRAFT and not WIP) was just created in Github.
fix: https://totvslabs.atlassian.net/browse/CAPL-5509#icft=CAPL-5509 authorization cookie set when login using /token or saml auth
@MARCOS STUMPF ,
@Gabriel DAmore Marciano ,
This issue was planned to be delivered until 2024-03-01. You can check that by consulting the issue in the Due Date field.
Dates already planned for this issue: 2024-03-01
If External Issue Link field is filled, customer was also informed on JIRA TOTVS.