Open natalian98 opened 3 months ago
Thank you for reporting us your feedback!
The internal ticket has been created: https://warthogs.atlassian.net/browse/IAM-1058.
This message was autogenerated
Not sure if this is what causes the bug or not, but in multiple places in the frontend we are checking if the response from the backend contains a `request_url` (and sometimes we even redirect the user there), e.g. try to go to https://iam.dev.canonical.com/stg-identity-jaas-dev-login-ui/ui/reset_password. I thought we caught those on review, but it looks like some of these changes went through.
From a quick search:
I am pretty sure that this is not correct, but I am not sure what these checks are trying to accomplish. In a production environment all these are pointing to admin APIs, which are not exposed to the public internet. The `request_url` is the URL that the backend used to call Kratos; there is no reason to call the same URL from the frontend.
I think this will be fixed as soon as https://github.com/canonical/identity-platform-login-ui/issues/281 is resolved.
The login logic is currently tied to Hydra. If you try to go to `/ui/reset_password` without a session, you'll get redirected to sign in but the page will be shown as loading.
This is due to a missing `login_challenge` parameter value. A similar bug can be observed when going directly to http://localhost:4455/ui/login.