Skip to content

End keycloak session if user is not authorized #334

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
May 31, 2024
Merged

End keycloak session if user is not authorized #334

merged 2 commits into from
May 31, 2024

Conversation

calvinlu3
Copy link
Contributor

This fixes https://github.com/oncokb/oncokb-pipeline/issues/394

Changes

  1. If the user is unauthorized (not in our mysql database), the keycloak session should be terminated.
  2. Update logged out screen to give more information

Unauthorized login:
image

Logged out:
image

@calvinlu3 calvinlu3 requested a review from zhx828 May 30, 2024 14:32
zhx828
zhx828 approved these changes May 30, 2024
View reviewed changes
Copy link
Member

@zhx828 zhx828 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, minor comments.

src/main/webapp/app/pages/login/logout.tsx Outdated
Comment on lines 14 to 19
return !!searchParams.get('session_terminated');
}, [props.location.search]);

componentDidMount() {
this.props.logout();
}
const unauthorizedAccess = useMemo(() => {
const searchParams = new URLSearchParams(props.location.search);
return !!searchParams.get('unauthorized');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For these search params, can we leave them in a centralized place as constants?

src/main/webapp/app/pages/login/logout.tsx
if (this.props.logoutUrl) {
window.location.href = this.props.logoutUrl;
useEffect(() => {
if (unauthorizedAccess && !sessionTerminated) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This logic should be in a method.

@calvinlu3 calvinlu3 merged commit 894035d into oncokb:rc May 31, 2024
@calvinlu3 calvinlu3 deleted the fix-unauth-login branch May 31, 2024 15:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zhx828 zhx828 zhx828 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@calvinlu3 @zhx828