Uploaded image for project: 'Nuxeo Platform'
  1. Nuxeo Platform
  2. NXP-27635

Disconnecting/reconnecting from CAS should not display sw.js

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 10.10
    • Fix Version/s: 10.10-HF20, 11.1
    • Component/s: Authentication, OAuth
    • Environment:
      Several customers reported this on several OS and browsers
      Reproduced on FireFox on Win10 and Ubuntu 19.4
    • Release Notes Summary:
      Disconnecting/reconnecting from CAS works as expected
    • Tags:
    • Backlog priority:
      850
    • Browser:
    • Sprint:
      nxNS Sprint 11.1.8, nxNS Sprint 11.1.10, nxNS Sprint 11.1.11, nxNS Sprint 11.1.12, nxNS Sprint 11.1.13, nxNS Sprint 11.1.14
    • Story Points:
      3

      Description

      This issue happens systematically with CAS (and sometimes with OAuth2 or OKTA, with different reproduction steps)

      How to reproduce:

      1. setup your CAS instance
      2. make your nuxeo 10.10+ HTTPS-ed (mandatory step: see https://developers.google.com/web/fundamentals/primers/service-workers/ )
      3. clear your Firefox browser cache
      4. invoke https://nuxeo:port/nuxeo and login in CAS => works
      5. logout from nuxeo
      6. invoke https://nuxeo:port/nuxeo and login in CAS => fails and displays either sw.js?ts=\<timestamp\> or workbox/workbox-sw.js
        e.g.
        var workbox=function(){"use strict";try{self.workbox.v["workbox:sw:3.6.3"]=1}catch(t){}const t="https://storage.googleapis.com/workbox-cdn/releases/3.6.3",e={backgroundSync:"background-sync",broadcastUpdate:"broadcast-cache-update",cacheableResponse:"cacheable-response",core:"core",expiration:"cache-expiration",googleAnalytics:"google-analytics",navigationPreload:"navigation-preload",precaching:"precaching",rangeRequests:"range-requests",routing:"routing",strategies:"strategies",streams:"streams"};return new class{constructor(){return this.v={},this.t={debug:"localhost"===self.location.hostname,modulePathPrefix:null,modulePathCb:null},this.e=this.t.debug?"dev":"prod",this.s=!1,new Proxy(this,{get(t,s){if(t[s])return t[s];const o=e[s];return o&&t.loadModule(`workbox-${o}`),t[s]}})}setConfig(t={}){if(this.s)throw new Error("Config must be set before accessing workbox.* modules");Object.assign(this.t,t),this.e=this.t.debug?"dev":"prod"}skipWaiting(){self.addEventListener("install",()=>self.skipWaiting())}clientsClaim(){self.addEventListener("activate",()=>self.clients.claim())}loadModule(t){const e=this.o(t);try{importScripts(e),this.s=!0}catch(s){throw console.error(`Unable to import module '${t}' from '${e}'.`),s}}o(e){if(this.t.modulePathCb)return this.t.modulePathCb(e,this.t.debug);let s=[t];const o=`${e}.${this.e}.js`,r=this.t.modulePathPrefix;return r&&""===(s=r.split("/"))[s.length-1]&&s.splice(s.length-1,1),s.push(o),s.join("/")}}}();
        
        //# sourceMappingURL=workbox-sw.js.map

        or

        importScripts('workbox/workbox-sw.js');
        workbox.loadModule('workbox-strategies');
        
        self.addEventListener('install', event => {
          self.skipWaiting();
        
          const params = new URL(self.location.href).searchParams;
          if (params.has('ts')) {
            workbox.routing.registerRoute(/\.*\.(html|js)$/, async ({url, event}) => {
              const strategy = workbox.strategies.networkFirst();
              const request = new Request(`${url}?ts=${params.get('ts')}`, {credentials: 'same-origin'});
              return await strategy.makeRequest({event, request});
            });
          }
        });
        

      Note 1: does not happen in Dev mode => do NOT set org.nuxeo.dev=true to reproduce. You can use org.nuxeo.dev=true as a workaround
      Note 2: re-invoking https://nuxeo:port/nuxeo a third time works

      Expected: relogging in CAS, OAuth2, OKTA should work seamlessly

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                1 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - Not Specified
                  Not Specified
                  Logged:
                  Time Spent - 4 hours
                  4h

                    PagerDuty

                    Error rendering 'com.pagerduty.jira-server-plugin:PagerDuty'. Please contact your Jira administrators.