Closed
Bug 1437824
Opened 7 years ago
Closed 7 years ago
Auth0 login sessions not lasting as long as expected
Categories
(Tree Management :: Treeherder, defect, P1)
Tree Management
Treeherder
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: emorley, Assigned: hassan)
References
Details
Attachments
(2 files)
Filed from:
https://groups.google.com/forum/#!topic/mozilla.dev.platform/PK_obIp20v8
Message from :philor...
> > - Treeherder session will stay alive as long as access to the site
> > happens once every 24 hours. 3 days session expiry is no longer in
> > effect.
>
> This doesn't seem to be the case: I'm logged in when I go to bed, and 7
> hours later when I get up I'm logged out; I'm logged in when I leave for
> work, and 4.5 hours later when I get home on my lunch hour I'm logged out.
Message from :bz...
> > - Treeherder session will stay alive as long as access to the site happens once every 24 hours. 3 days session expiry is no longer in effect.
>
> This seems to not be working at all. I just carefully recorded the last
> time I logged in to treeherder: 8:39pm, on Feb 12, 2018, US/Eastern time.
>
> It is now 9:27pm on the same day. I just loaded treeherder. It's
> showing me logged out.
>
> The login didn't even last for 1 hour.
>
> Login was done via LDAP.
Hassan, I don't suppose you could take a look? I'm guessing it may need some additional logging added to shed light on the cause.
Flags: needinfo?(helfi92)
Comment 1•7 years ago
|
||
Andreea also got backed out several times during the last European night shift.
I hit the issue often yesterday in the European morning and around noon and noticed issue after I had set treeherder tabs from the previous day as active tabs - could this be related?
Using different single sign-on credentials on a different Mozilla site cause a logout from treeherder.
Comment 2•7 years ago
|
||
(In reply to Sebastian Hengst [:aryx][:archaeopteryx] (needinfo on intermittent or backout) from comment #1)
> Using different single sign-on credentials on a different Mozilla site cause
> a logout from treeherder.
This part is known -- Auth0 sign-in is "browser-wide". If you login as another Auth0 identity in another tab, that affects all tabs.
Comment 3•7 years ago
|
||
I have _not_ been logging in as another Auth0 identity, fwiw.
Comment 4•7 years ago
|
||
(In reply to Dustin J. Mitchell [:dustin] pronoun: he from comment #2)
> (In reply to Sebastian Hengst [:aryx][:archaeopteryx] (needinfo on
> intermittent or backout) from comment #1)
> > Using different single sign-on credentials on a different Mozilla site cause
> > a logout from treeherder.
>
> This part is known -- Auth0 sign-in is "browser-wide". If you login as
> another Auth0 identity in another tab, that affects all tabs.
https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/ ?
Then Auth0 sign-in will be container-wide.
Comment 5•7 years ago
|
||
Yep, this bug is valid -- I just didn't want to confuse it with the multi-login situation.
Comment 6•7 years ago
|
||
Commit pushed to master at https://github.com/mozilla/treeherder
https://github.com/mozilla/treeherder/commit/7b79be8fccc96fce76dcc4725023c776758a835d
Bug 1437824 - Add logging to help debug session issue (#3220)
* Add auth logging to backend
* Use .warn instead of .info so that it shows in production
* Use notifications as an attempt to debug Bug 1437824
Comment 7•7 years ago
|
||
Even though we don't *always* repeat the same mistakes, one thing to keep an eye out for would be the same thing that gave us short logins after treestatus switched to auth0, getting seconds and treating them as milliseconds, https://github.com/mozilla-releng/services/pull/702
Assignee | ||
Comment 8•7 years ago
|
||
The next time you get logged out, could you please:
- post a screenshot of the recent notifications menu (the bell icon beside the infra dropdown)
- let me know whether you had more than a single Treeherder tab open when the issue occurred
Flags: needinfo?(helfi92)
Comment 9•7 years ago
|
||
> - post a screenshot of the recent notifications menu (the bell icon beside the infra dropdown)
Here's what I see in there when I just load treeherder for inbound:
2/14/18 10:10 AM User either is not authenticated in the back-end or there has been some race condition with localStorage
2/14/18 10:10 AM User is authenticated in the back-end on page load
2/14/18 10:10 AM User either is not authenticated in the back-end or there has been some race condition with localStorage
2/14/18 10:10 AM User is authenticated in the back-end on page load
2/13/18 10:40 PM User either is not authenticated in the back-end or there has been some race condition with localStorage
2/13/18 10:40 PM User is authenticated in the back-end on page load
I can get you a screenshot if it would be really useful.
> - let me know whether you had more than a single Treeherder tab open when the issue occurred
I have 15 treeherder tabs open, but I'm not sure how many of them are actually loaded/restored. Definitely not all, but it could well be more than 1.
Comment 10•7 years ago
|
||
For me, it'll always be at least six tabs open. Computer would have been asleep starting around 00:15, and the significance of 04:21 is probably that my cat tried to wake me up by "accidentally" stepping on the keyboard and waking the computer up then.
Comment 11•7 years ago
|
||
More data, starting where the other one picked up:
2/14/18 10:42 AM User either is not authenticated in the back-end or there has been some race condition with localStorage
2/14/18 10:42 AM User is authenticated in the back-end on page load
2/14/18 10:41 AM User either is not authenticated in the back-end or there has been some race condition with localStorage
2/14/18 10:41 AM User is authenticated in the back-end on page load
2/14/18 10:21 AM User is authenticated in the back-end on page load
2/14/18 10:15 AM User is authenticated in the back-end on page load
2/14/18 10:14 AM User is authenticated in the back-end on page load
2/14/18 10:14 AM User is authenticated in the back-end on page load
2/14/18 10:14 AM User is authenticated in the back-end on page load
2/14/18 10:10 AM User either is not authenticated in the back-end or there has been some race condition with localStorage
2/14/18 10:10 AM User is authenticated in the back-end on page load
(this time me being logged in clearly lasted about 30 minutes...)
Comment 12•7 years ago
|
||
Commit pushed to master at https://github.com/mozilla/treeherder
https://github.com/mozilla/treeherder/commit/0cc341619fae1f5eb81748861ad7b18fe1bc11c1
Bug 1437824 - Stop logging out users if renewal fails (#3228)
In case:
* multiple tabs are trying to renew at the same time, where one
tab will throw an error hence logging users out
* the renewal fails for transient reasons (eg wifi not re-established
after machine resumes from sleep)
Reporter | ||
Comment 13•7 years ago
|
||
The hopeful fix has just been deployed to production - please let us know how it works out :-)
Reporter | ||
Updated•7 years ago
|
Assignee: nobody → helfi92
Status: NEW → ASSIGNED
Comment 14•7 years ago
|
||
My login survived the sleep between lunch and coming home from work, which has been a 100% logout, so I'd say it's fixed for my case.
Comment 15•7 years ago
|
||
Looks good on my end too: I last loaded a treeherder thing about 7 hours ago, just loaded one now, and I'm still logged in. ;)
Hm, after sleeping I was logged out again. Let me have an extra eye on it today.
Comment 17•7 years ago
|
||
hi, i'm on the day shift today, will keep you posted if i get logged out again.
So I got logged out again since I posted the last time which are 8h. How long should a session survive?
Comment 19•7 years ago
|
||
Same here, I was logged out after a few hours (less than 4).
Assignee | ||
Comment 20•7 years ago
|
||
Henrik, Marco - Would you be able to provide me with the content of your recent notifications tab. Be sure to refresh the page before doing so just so it can have the most up to date notifications.
Flags: needinfo?(mcastelluccio)
Flags: needinfo?(hskupin)
Assignee | ||
Comment 21•7 years ago
|
||
The notifications menu is the bell icon beside the infra dropdown in the navbar.
Comment 22•7 years ago
|
||
Sorry, I thought this was Taskcluster and not Treeherder. I guess I should file another bug.
Flags: needinfo?(mcastelluccio)
Comment 23•7 years ago
|
||
Marco, the bugs probably have a common solution, so that's fine.
Comment 24•7 years ago
|
||
> 2/15/18 5:07 PM User either is not authenticated in the back-end or there has been some race condition with localStorage
> 2/15/18 4:33 PM User either is not authenticated in the back-end or there has been some race condition with localStorage
Reporter | ||
Comment 25•7 years ago
|
||
Was there a chance that some old Treeherder tabs open, that had not yet been refreshed since the comment 13 deployment? (The fix was client side and iirc even when tabs appear to be reloaded when re-activated after restoring a browser session, the page is actually being loaded from the browser cache).
Reporter | ||
Comment 26•7 years ago
|
||
(Eugh sorry I should learn to re-read after copy-paste rearranging a sentence)
Comment 27•7 years ago
|
||
(In reply to Ed Morley [:emorley] from comment #25)
> Was there a chance that some old Treeherder tabs open, that had not yet been
> refreshed since the comment 13 deployment? (The fix was client side and iirc
> even when tabs appear to be reloaded when re-activated after restoring a
> browser session, the page is actually being loaded from the browser cache).
I'm not sure, I'll test again tomorrow.
When I tried to login again now with Taskcluster, I got this authorization screen.
Comment 28•7 years ago
|
||
As an update I did not get logged out in the last two shifts, 1 day shift and 1 night shift RO time, in treeherder.
Regarding taskcluster, i got the authorization screen, however after log out, log in, it worked as expected.
I haven't seen it again. Looks like i works now.
Flags: needinfo?(hskupin)
Assignee | ||
Updated•7 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Comment 32•7 years ago
|
||
Commit pushed to master at https://github.com/mozilla/treeherder
https://github.com/mozilla/treeherder/commit/b7c1d8bee70acb40826bc85b9e195c087853aafa
Bug 1437824 - Remove debugging logging now that sessions seem to work (#3260)
Comment 33•7 years ago
|
||
(In reply to Henrik Skupin (:whimboo) from comment #29)
> I haven't seen it again. Looks like i works now.
Hi, sorry to disappoint, i started the shift at 8am RO time and until 11am RO time, i got logged out 3 times, no error message. I only had treeherder and bugzilla tabs opened, no other pages that required other login information.
You need to log in
before you can comment on or make changes to this bug.
Description
•