STCOR-789-follow-up: Include /authn/token on the list of always-permissible API (#1452)

* STCOR-789: add /authn/token to always-permissible list. Refs STCOR-789

Include `/authn/token` on the list of always-permissible API in order to
allow OTP-for-cookie exchange on return from authentication. Without
this allowance in place, stripes will get stuck in a loop bouncing
between the authn-server (which believes, correctly, that the user has
authenticated) and stripes (which believes, wrongly, that the user has
not authenticated because its "valid AT?" check fails). The AT won't be
valid until after we get to exchange the OTP for an AT by visiting
`/authn/token`.

---------

Co-authored-by: Ryan Berger <[email protected]>
Co-authored-by: Zak Burke <[email protected]>
(cherry picked from commit f9d82f6)
aidynoJ authored and zburke committed Apr 17, 2024
1 parent 25c345d commit 3fef2ba
Showing 2 changed files with 2 additions and 2 deletions.
1 change: 1 addition & 0 deletions src/components/Root/FFetch.js
@@ -95,6 +95,7 @@ export class FFetch {

const isPermissibleResource = (string) => {
const permissible = [
'/authn/token',
'/bl-users/forgotten/password',
'/bl-users/forgotten/username',
'/bl-users/login-with-expiry',
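Review bot: the new `/authn/token` entry carries no comment explaining why it must bypass the access-token check, and the neighbouring entries (`/bl-users/forgotten/password`, `/bl-users/forgotten/username`, `/bl-users/login-with-expiry`) don't make the reason obvious. The redirect-loop rationale from the commit message belongs as a one-line comment above `permissible`, and since the hunk doesn't show how `isPermissibleResource` matches its argument against the list, a test asserting that a request to `/authn/token` is treated as permissible, and that the exemption is exact rather than a broader prefix match, would make the change safe to keep.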
3 changes: 1 addition & 2 deletions src/loginServices.js
@@ -458,7 +458,6 @@ export async function logout(okapiUrl, store) {
.then(localStorage.removeItem('tenant'))
.then(localforage.removeItem(SESSION_NAME))
.then(localforage.removeItem('loginResponse'))
.then(removeUnauthorizedPathFromSession)
.catch((error) => {
// eslint-disable-next-line no-console
console.log(`Error logging out: ${JSON.stringify(error)}`);
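Review bot: dropping `.then(removeUnauthorizedPathFromSession)` from the logout chain is not mentioned in the commit message, which only discusses the `/authn/token` exemption, so a reader can't tell whether keeping the unauthorized path in the session across logout is intentional (for instance so the user lands back there after re-authenticating) or a leftover; either explain it in the message or split it into its own commit. Separately, the surviving `.then(localStorage.removeItem('tenant'))` and `.then(localforage.removeItem(...))` lines pass the result of an immediate call rather than a callback, so those removals run as soon as the chain is built instead of in sequence after the preceding step; `.then(() => localforage.removeItem(SESSION_NAME))` would give the ordering the chain implies.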
@@ -804,7 +803,7 @@ export function requestLogin(okapiUrl, store, tenant, data) {
method: 'POST',
mode: 'cors',
})
.then(resp => processOkapiSession(store, tenant, resp));
.then(resp => processOkapiSession(store, tenant, resp));
}
}
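Review bot: this hunk is a whitespace-only change to the indentation of `.then(resp => processOkapiSession(store, tenant, resp));` with no functional effect; it is unrelated to the `/authn/token` fix and would be clearer in a separate formatting commit, or at least called out in the commit message so a reader doesn't look for a behavioural change in `requestLogin`.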


0 comments on commit 3fef2ba
