Frequent Log-Outs when using OIDC #27914
Labels
A-SSO
O-Frequent
Affects or can be seen by most users regularly or impacts most users' first experience
S-Major
Severely degrades major functionality or product features, with no satisfactory workaround
T-Defect
Steps to reproduce
Outcome
What did you expect?
Correct handling of unstable connections and retries of token refreshes
What happened instead?
When a token refresh fails, even for other reasons then the refresh token being invalid, the sessions ends
An easy way to reproduce this is blocking POST to https://$mas/oauth2/token, although this is not neccesary:
It should look like the following:
Sometimes there are even race-comditions, where the old token gets re-used, even if a correct has just become available. This happened without any modification or request-blocking:
URL for webapp
app.element.io and more
Application version
Element 1.11.71 and 1.11.73
Homeserver
gwdg.de: Synapse 1.111.0 with MAS 0.9.0 and 0.10.0-rc.0
The text was updated successfully, but these errors were encountered: