search

hashicorp / boundary

Boundary enables identity-based access management for dynamic infrastructure.
https://boundaryproject.io
Other
3.84k stars 287 forks source link

Boundary Desktop oauth expiration behavior #1997

Open NegativeFeedback opened 2 years ago

NegativeFeedback commented 2 years ago

Describe the bug When using Boundary Desktop with a oidc auth method if you delete the oidc session token or let it expire it drops you into a 403 permission page. If a user click the dropdown and deauthenticates it gives you an option to reauth but I have clicked the disconnect button most of the time forcing me to readd boundary server and then reauth. Ideally when the token expires it should just drop you into that login page without user interaction.

To Reproduce Steps to reproduce the behavior:

  1. Using a bounday oauth method login to boundary desktop
  2. let the session expire or delete session in oidc provider
  3. Boundary Desktop shows permission page

Expected behavior Ideally when the token expires it should just drop you into that login page without user interaction.

Additional context Add any other context about the problem here.

covetocove commented 2 years ago

Thanks @NegativeFeedback! We will investigate this and add to our product backlog. In the meantime we will keep this issue open so that it can receive upvotes from the community to inform its backlog priority.