reset environment fails with api errors

[kbsingh]

For user drc01inb, trying to reset env I get, the Your account section :

Response with status: 500 Internal Server Error for URL: https://api.openshift.io/api/user/services

The configs are not updated for che/jenkins

[joshuawilson]

@kbsingh have you seen this with any other user?

[joshuawilson]

@aslakknutsen can you please look into this.

[kbsingh]

It seems the users oso token stored in keycloak was no longer valid, so the tenant service was failing. Would it be possible for the tenant service to report through to the UI something better? And maybe even redirect the user to a page where they can relink their account from oso ?

[alexeykazakov]

@kbsingh yes, we are planning to address it. The corresponding issue on Auth side - fabric8-services/fabric8-auth#38

[joshuawilson]

@alexeykazakov is this a bug with one user or a bug for everyone? If it is just one user then we should move the issue.

[alexeykazakov]

@joshuawilson it's a very old issue. Sometimes for whatever reason OSO tokens get invalid. We don't know why. OSO team doesn't know either. It happen with different users.
The solution on our side would be to catch such errors (when OSO token is not good anymore) and initiate OSO account linking (see fabric8-services/fabric8-auth#38).

[RanjithRV]

@alexeykazakov curious regarding why we marked this issue as not a bug. This is not expected behaviour is it?

[alexeykazakov]

In this case the reset env failed because the OSO token was invalid. It’s expected behavior to fail in such case. It’s rather a missing feature to auto detect invalid OSO tokens.

[qodfathr]

This sounds like a request for a new feature, so I'm going to type/feature for now. Also, when bug was removed severity was not, so I'll do that, too.

[aslakknutsen]

@alexeykazakov This is technically /api/user/services not replying with propper www-auth challenge headers based on response from auth, and UI not understanding it if it did.. :)