Is your feature request related to a problem? Please describe.
After configuring "Reverse proxy header authentication", clicking logout in CloudBeaver opens the logout-url in a new popup window instead of redirecting the active tab. This breaks the logout flow: the main CloudBeaver tab is stuck with a loading spinner, while the popup window loads the proxy login page. So after logout, the user has to close the popup and refresh the main tab to get it to the expected state.
{
"id": "reverseProxy",
"provider": "reverseProxy",
"displayName": "Reverse Proxy",
"parameters": {
"user-header": "X-User",
"team-header": "X-Team",
"logout-url": "/oauth2/sign_out" <----------
}
}
Describe the solution you'd like
Maybe we could add a configuration option to allow full-page redirects instead of a popup window?
The popup logic seems hardcoded in webapp/packages/plugin-authentication/src/AuthenticationService.ts:
private handleRedirectLinks(userLogoutInfo: UserLogoutInfo) {
const redirectLinks = userLogoutInfo.redirectLinks;
if (redirectLinks.length) {
const url = redirectLinks[0];
const id = `okta-logout-id-${uuid()}`;
const popup = this.windowsService.open(id, {
url,
target: id,
width: 600,
height: 700,
});
if (popup) {
popup.blur();
window.focus();
}
}
}
A new option could allow reverse proxy setups to bypass the popup without changing existing behavior for other providers:
private handleRedirectLinks(userLogoutInfo: UserLogoutInfo) {
const redirectLinks = userLogoutInfo.redirectLinks;
if (redirectLinks.length) {
const url = redirectLinks[0];
// Redirect in the same tab if the new sameTabRedirectOnLogout option is enabled
if (this.serverConfigResource.sameTabRedirectOnLogout) {
if (url) {
window.location.href = url;
}
return;
}
// Keep existing popup window behavior when the option is not enabled
const id = `okta-logout-id-${uuid()}`;
const popup = this.windowsService.open(id, {
url,
target: id,
width: 600,
height: 700,
});
if (popup) {
popup.blur();
window.focus();
}
}
}
Any other ideas? Or can I configure CloudBeaver differently to avoid this issue?
Is your feature request related to a problem? Please describe.
After configuring "Reverse proxy header authentication", clicking logout in CloudBeaver opens the
logout-urlin a new popup window instead of redirecting the active tab. This breaks the logout flow: the main CloudBeaver tab is stuck with a loading spinner, while the popup window loads the proxy login page. So after logout, the user has to close the popup and refresh the main tab to get it to the expected state.{ "id": "reverseProxy", "provider": "reverseProxy", "displayName": "Reverse Proxy", "parameters": { "user-header": "X-User", "team-header": "X-Team", "logout-url": "/oauth2/sign_out" <---------- } }Describe the solution you'd like
Maybe we could add a configuration option to allow full-page redirects instead of a popup window?
The popup logic seems hardcoded in
webapp/packages/plugin-authentication/src/AuthenticationService.ts:A new option could allow reverse proxy setups to bypass the popup without changing existing behavior for other providers:
Any other ideas? Or can I configure CloudBeaver differently to avoid this issue?