Open jsoref opened 2 years ago
looks like a temp issue, did u refresh and tried again?
I'm not interested in that. I want the error page changed.
Still an issue
Getting the same error using AWS Cognito with AWS SSO as SAML provider.
Not entirely certain about the caller, it's one of these two: https://github.com/argoproj/argo-cd/blob/fd8ecf49b2ad2acc5227c8a899354e39a7b51ea1/util/oidc/oidc.go#L321-L342 https://github.com/argoproj/argo-cd/blob/fd8ecf49b2ad2acc5227c8a899354e39a7b51ea1/util/oidc/oidc.go#L422-L433
In any case, the fix would be to replace http.Error
calls with something else....
Half a proposal:
Replace them with an http.Redirect
call to the login page with a query parameter containing the error. (And have the login page check for the parameter and show a toast when it's present.)
Alternate proposal: add enough code so that http.Error
can render a pretty page containing the error and a link to the login page.
I don't really have a particular preference between these two approaches. The advantage of retaining http.Error
is that if a non web browser is trying to follow this flow, it would get to keep the error status. In terms of code, I suspect that the go
code to make a pretty html page inside http.Error
would be more painful than writing handling for the login page to show the toast. But I could be wrong on all points.
same problem with argocd v2.5.1 and gitlab as OIDC provider
We're seeing this currently with v2.5.4+86b2dde
To replicate I log out + clear cookies. Navigate to ArgoCD URL (argocd.domain.com) Click "Login with Auth0"
Error Displayed: failed to get token: oauth2: cannot fetch token: 401 Unauthorized Response: {"error":"access_denied","error_description":"Unauthorized"}
Refresh: data length is less than nonce size
If you then manually refresh to argocd.domain.com the page loads without issue.
Note: If you login via this URL: argocd.domain.com/login?return_url=https%3A%2F%2Fargocd.domain.com%2Fapplications everything seems to work.
Same issue for me... I've configured ArgoCD with OIDC to log in via Azure AD and I'm getting the same error.
This method works for me:
Note:
If you login via this URL: argocd.domain.com/login?return_url=https%3A%2F%2Fargocd.domain.com%2Fapplications everything seems to work.
Hello, are you still experiencing this issue? the workaround provided doesn't work for me as my main endpoint is already argocd.domain.com/login?return_url=https%3A%2F%2Fargocd.domain.com%2Fapplications
Experiencing this issue as well.
Same here with ArgoCD v2.11 and Keycloak V23
Same issue here on v2.11.. Workaround does not work..
Checklist:
argocd version
.Describe the bug
I was trying to visit argocd while it was upgrading from an older version after having not visited it in a bit.
I got the login page and clicked the button to log in via github
My browser was redirected to a top level page of the form:
The initial message had an error (I can't recall the error).
I tried reloading the page and then got a page with:
data length is less than nonce size
To Reproduce
Expected behavior
Ideally users would get a pretty error page with access to the various login buttons
Screenshots
Version
Logs