Blank Page After Project Grant for IDP User Through API

[estein9825]

Expected vs actual behavior

Recently we ran into the following issue. An IDP user logged into the system and saw the "no projects found" page. They were then added into the appropriate group containing access to projects. They then refreshed the page and the normal homepage came up, however it was blank.

Looking at the network browser, it appeared that the organization and partner values were null.

Some users were able to bypass this issue by opening up a new browser in incognito mode or a private window, while others had to clear their cache before doing that. Still others couldn't bypass it at all until a certain time had passed.

The problematic area is from here: https://github.com/paralus/dashboard/blob/d7cd410ad6c5221280ac74fd6fadcc6242e3912c/src/actions/Projects.js#L3

I assume that means that the localstorage has null values initialized in it and need to somehow be cleared out before the webpage will show again? Theoretically a logout should take care of this, but I guess Okta/Kratos prevents this? I do know that kratos has a session like regular local storage.

Is there a way to easily bypass this?

Steps to reproduce the bug

1. Log into the webpage with Okta, see the "No projects found" page
2. Create a project through the API
3. Create a new group with a user assigned to the group and the group assigned to the project.
4. Refresh the page

Are you using the latest version of the project?

You can check your version by running helm ls|grep '^<deployment-name>' or using pctl, pctl version, and provide the output.

VERSION: 0.1.0
BUILD: 0.1.0
BUILD-TIME: 1656329967
ARCH: darwin/amd64

What is your environment setup? Please tell us your cloud provider, operating system, and include the output of kubectl version --output=yaml and helm version. Any other information that you have, eg. logs and custom values, is highly appreciated!

Kubectl

clientVersion:
  buildDate: "2022-08-23T17:44:59Z"
  compiler: gc
  gitCommit: a866cbe2e5bbaa01cfd5e969aa3e033f3282a8a2
  gitTreeState: clean
  gitVersion: v1.25.0
  goVersion: go1.19
  major: "1"
  minor: "25"
  platform: darwin/amd64
kustomizeVersion: v4.5.7
serverVersion:
  buildDate: "2022-11-29T18:41:42Z"
  compiler: gc
  gitCommit: 52e500d139bdef42fbc4540c357f0565c7867a81
  gitTreeState: clean
  gitVersion: v1.22.16-eks-ffeb93d
  goVersion: go1.16.15
  major: "1"
  minor: 22+
  platform: linux/amd64

Helm

version.BuildInfo{Version:"v3.10.3", GitCommit:"835b7334cfe2e5e27870ab3ed4135f136eecc704", GitTreeState:"clean", GoVersion:"go1.19.4"}

(optional) If you have ideas on why the bug happens or how it can be solved, please provide it here

Removing the user from the group within paralus UI and then readding them manually got it to work.

• [ X] I've described the bug, included steps to reproduce it, and included my environment setup with all customizations.
• [ X] I'm using the latest version of the project.

[estein9825]

I had created the groups via the API without specifying the "type" value. Meaning that they were only viewable within the groups page and I could only delete them through the API, not through the dashboard. I could not be selected from the IDP user group add either. I believe that is what caused the unusual behavior. I then updated the groups to have the "SYSTEM" type and will see if the issue occurs again.

[estein9825]

Issue still occurs despite having that option. Again, only removing them and readding them appears to help. But I have to wait for the "no projects found" page to come back first. Then have them log out of okta, add them back to groups, then log back in.

And even then it doesn't always work.

[divyanjali1]

I am facing similar issue. I have deployed paralus and logged in with default user , there I was able to see projects and was able to download bootstrap yaml to register cluster. With that I was able to register to cluster , but able to connect to prompt

To check if I will be able to connect with different user , I have created a new user and logged in with that user. Then I was not able to view anything , only blank screen comes up after logging in. I have tried in incognito mode , cleared cache in existing browser. But nothing worked. Need some help here.

Thank you

[estein9825]

The way I got around it was sadly to modify the local storage with the partner name and id and organization name and id so that I could then see the "My Tools" section and download the kubeconfig to be used. That was definitely not something I wanted to do. I haven't tried in the latest version of paralus yet though.

[niravparikh05]

@estein9825 @divyanjali1 just following up to check if this was related to browsers' local storage and were you able to get this working ?

[estein9825]

The local storage trick does work some times and other times it does not. I haven’t tested with the latest version of paralus so I’m not certain.

[divyanjali1]

@niravparikh05 I did try with instructions in browsers' local storage but it didn't work for me

[niravparikh05]

@estein9825 @divyanjali1 is this still prevalent ? or were you guys able to get past it ? If you can share some insights on how you were able to work around this problem we can have a look and decide on how to progress further.

[estein9825]

We haven’t upgraded to the latest version yet so not sure if it’s fixed. But with 0.2.0 we had to manually remove the user, have them log out, manually add the user, and log back in and then maybe it works. Refreshing also may/may not work.

[estein9825]

Just tested with 0.2.5 with only a single user. Went from 0.2.0 upgrade to 0.2.5, created the new user got a blank page when I logged in through okta.