Skip to content

Reverse Proxy logout opens a popup window instead of redirecting in the same tab #4417

Description

@eliaspekkala

Is your feature request related to a problem? Please describe.

After configuring "Reverse proxy header authentication", clicking logout in CloudBeaver opens the logout-url in a new popup window instead of redirecting the active tab. This breaks the logout flow: the main CloudBeaver tab is stuck with a loading spinner, while the popup window loads the proxy login page. So after logout, the user has to close the popup and refresh the main tab to get it to the expected state.

{
  "id": "reverseProxy",
  "provider": "reverseProxy",
  "displayName": "Reverse Proxy",
  "parameters": {
    "user-header": "X-User",
    "team-header": "X-Team",
    "logout-url": "/oauth2/sign_out" <----------
  }
}

Describe the solution you'd like

Maybe we could add a configuration option to allow full-page redirects instead of a popup window?

The popup logic seems hardcoded in webapp/packages/plugin-authentication/src/AuthenticationService.ts:

  private handleRedirectLinks(userLogoutInfo: UserLogoutInfo) {
    const redirectLinks = userLogoutInfo.redirectLinks;

    if (redirectLinks.length) {
      const url = redirectLinks[0];
      const id = `okta-logout-id-${uuid()}`;

      const popup = this.windowsService.open(id, {
        url,
        target: id,
        width: 600,
        height: 700,
      });

      if (popup) {
        popup.blur();
        window.focus();
      }
    }
  }

A new option could allow reverse proxy setups to bypass the popup without changing existing behavior for other providers:

  private handleRedirectLinks(userLogoutInfo: UserLogoutInfo) {
    const redirectLinks = userLogoutInfo.redirectLinks;

    if (redirectLinks.length) {
      const url = redirectLinks[0];

      // Redirect in the same tab if the new sameTabRedirectOnLogout option is enabled
      if (this.serverConfigResource.sameTabRedirectOnLogout) {
        if (url) {
          window.location.href = url;
        }
        return;
      }

      // Keep existing popup window behavior when the option is not enabled
      const id = `okta-logout-id-${uuid()}`;
      const popup = this.windowsService.open(id, {
        url,
        target: id,
        width: 600,
        height: 700,
      });

      if (popup) {
        popup.blur();
        window.focus();
      }
    }
  }

Any other ideas? Or can I configure CloudBeaver differently to avoid this issue?

Metadata

Metadata

Assignees

No one assigned

    Type

    Fields

    No fields configured for Bug.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions