search

canonical / identity-platform-login-ui

Login UI for the Canonical identity broker and identity provider solution
Apache License 2.0
10 stars 6 forks source link

Sign in page not loading correctly #247

Open natalian98 opened 3 months ago

natalian98 commented 3 months ago

The login logic is currently tied to hydra. If you try to go to /ui/reset_password without a session, you'll get redirected to sign in but the page will be shown as loading: image

This is due to missing login_challenge parameter value. Similar bug can be observed when going directly to http://localhost:4455/ui/login.

syncronize-issues-to-jira[bot] commented 3 weeks ago

Thank you for reporting us your feedback!

The internal ticket has been created: https://warthogs.atlassian.net/browse/IAM-1058.

This message was autogenerated

nsklikas commented 3 weeks ago

Not sure if this is what causes the bug or not, but in mulitple places in the frontend we are checking if the response from the backend contains a request_url (and sometimes we even redirect the user there), eg try to go to https://iam.dev.canonical.com/stg-identity-jaas-dev-login-ui/ui/reset_password. I thought we caught those on review, but it looks like some of these changes went through.

From a quick search:

I am pretty sure that this is not correct, but I am not sure what these checks are trying to accomplish. In a production environment all these are pointing to admin APIs, which are not exposed to the public internet. The request_url is the URL that the backend used to call Kratos, there is no reason to call the same URL from the frontend.

edlerd commented 2 weeks ago

I think this will be fixed as soon as https://github.com/canonical/identity-platform-login-ui/issues/281 is resolved.