tsh login timeout too aggressive, not configurable #2483

aberoham · 2019-01-11T20:46:22Z

What happened:

tsh login timeout for SAML/OIDC is too quick for some scenarios, such as when the identity provider has non-immediate additional auth factors (such as email-based tokens).

If browser window does not open automatically, open it by clicking on the link:
 http://127.0.0.1:54679/[redacted]
error: timed out waiting for callback

What you expected to happen: For SAML/OIDC timeout to be configurable or simply longer than the current 60 second value

How to reproduce it (as minimally and precisely as possible): Run tsh login against an auth provider you're not currently logged into and wait 60+ seconds.

Environment:

Teleport version (use teleport version): 3.x
Tsh version (use tsh version): 3.x
OS (e.g. from /etc/os-release): n/a

Browser environment
n/a

Relevant Debug Logs If Applicable

n/a

The text was updated successfully, but these errors were encountered:

kontsevoy · 2019-01-29T23:11:07Z

@klizhentas need your opinion on this, especially about simply increasing the default value to, say, 180 seconds.

klizhentas · 2019-01-29T23:22:29Z

sounds good

kontsevoy added this to the 3.1.6 "West Village" milestone Jan 29, 2019

russjones mentioned this issue Jan 30, 2019

Increase SSO callback timeout to 180 seconds. #2533

Merged

russjones self-assigned this Jan 30, 2019

russjones closed this as completed in #2533 Feb 4, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

tsh login timeout too aggressive, not configurable #2483

tsh login timeout too aggressive, not configurable #2483

aberoham commented Jan 11, 2019

kontsevoy commented Jan 29, 2019

klizhentas commented Jan 29, 2019

tsh login timeout too aggressive, not configurable #2483

tsh login timeout too aggressive, not configurable #2483

Comments

aberoham commented Jan 11, 2019

kontsevoy commented Jan 29, 2019

klizhentas commented Jan 29, 2019