Closed Bug 1477040 Opened 7 years ago Closed 7 years ago

Can't login via Auth0, only red "error" banner displayed on callback page

Categories

(Taskcluster :: General, defect)

Product:
Taskcluster
Component:
General
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WORKSFORME

People

(Reporter: hwine, Unassigned)

Details

Some hints I might be a snowflake below, but current situation is - attempt to login to tools.tc.net via auth0 - auth0 autologin appears to work (I'm not asked to do anything) - tc displays a red "error" banner on return page, URL prefix is: https://tools.taskcluster.net/login/auth0#access_token= I can login to treeherder via auth0 perfectly well, an it appears to pick up all the correct TC credentials for me to use. (E.g. add job to task). Auth0 also works perfectly well for all corporate uses. Why I might be a snowflake: - my L2 creds had expired - re-enabled yesterday via bug 1476742 - may not have logged into TC for very long time Although I could log into treeherder, my restored commit access wasn't effective until I signed out of sso (via sso.m.c) and re-logged in. Doing that fixed things with treeherder, but did not fix tc login.
Hm, I can't reproduce in a private browsing window. A few thoughts: * are you using containers? containers are not really compatible with auth0. * does the the page with the error banner actually have an access token? * anything in the console? * is your system time correct?
(In reply to Dustin J. Mitchell [:dustin] pronoun: he from comment #1) > * anything in the console? Yes - I should have thought to look there /o\ Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://auth.mozilla.auth0.com/.well-known/jwks.json. (Reason: CORS request did not succeed). And that pointed me to EFF's Privacy Badger -- tweaked the settings and good to go now. (I thought I had checked that before, as I know it's an issue sometimes. My bad) it'd be nice if there was a way to display a hint for this condition, but that might be an auth0 issue.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WORKSFORME
Ah, I should add privacy badger to the list with containers. Brian ran into that as well. The jwks library does that fetch, and I don't think the JS layer gets much information about a failed CORS request, so I don't think there's much we can do to make that more obvious.
You need to log in before you can comment on or make changes to this bug.