You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "John (Jira)" <ji...@apache.org> on 2022/10/20 17:09:00 UTC
[jira] [Commented] (NIFI-4890) OIDC Token Refresh is not done correctly
[ https://issues.apache.org/jira/browse/NIFI-4890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17621255#comment-17621255 ]
John commented on NIFI-4890:
----------------------------
Another vote for fixing this one.
I just got OIDC set up with my 1.17.0 NiFi dev instance and I'm running into the same issue. The expiration is making it difficult to get any flows built. Will probably disable OIDC for the time being. There must not be many folks using OIDC with NiFi or this wheel would be much squeakier than it is. :)
For those interested, I read a post on StackOverflow where a fellow hacked the expiration to be longer:
https://stackoverflow.com/questions/59015871/oidc-disconnect-in-nifi
No link to his source code though, unfortunately.
Any feedback on a proper fix would be much appreciated.
> OIDC Token Refresh is not done correctly
> ----------------------------------------
>
> Key: NIFI-4890
> URL: https://issues.apache.org/jira/browse/NIFI-4890
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core UI
> Affects Versions: 1.5.0
> Environment: Environment:
> Browser: Chrome / Firefox
> Configuration of NiFi:
> - SSL certificate for the server (no client auth)
> - OIDC configuration including end_session_endpoint (see the link https://auth.s.orchestracities.com/auth/realms/default/.well-known/openid-configuration)
> Reporter: Federico Michele Facca
> Assignee: David Handermann
> Priority: Major
>
> It looks like the NIFI UI is not refreshing the OIDC token in background, and because of that, when the token expires, tells you that your session is expired. and you need to refresh the page, to get a new token.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)