Details
-
Task
-
Resolution: Fixed
-
L3 - Default
-
None
-
None
-
Not defined
Description
When a user logs out or is otherwise unauthorized (token expiry) in C8SM, they are shown the Optimize login page. However, this is never a page that the user should see in C8SM as authentication happens in Identity.
With this in mind, we should refresh the page when a 401 is returned to reinitiate the auth flow with Identity. We already do similar for C8SaaS.
AT:
- C8SM users are never shown the Optimize login page
- After logging out of Optimize, users are redirected to Identity
- If reauthenticated, the redirect back to Optimize is successful
Testing notes:
- Validate the ATs above
Notes:
- We should consider backporting this to the maintenance/3.9 branch too, because the Identity integration with log out also exists there
Testing notes:
- It should possible to logout out in platform and self-managed mode
- Logging out in platform mode takes you to the optimize login page
- Logging out in self-managed mode, takes you to keycloak login page
- We should also test what happens when the session times out in both cloud and self-managed
We can test this by deleting the cookies after logging in and trying to interact with Optimize. In this case, the page should refresh and new authentication cookies will be set, allowing the user to continue using Optimize with no issues.