fix(ui): potential fix for okta login, clear state for avoid login errors (#20379)

* fix(ui): okta login clear state for avoid errors * add fallback option
2025-10-15 10:48:31 +00:00 · 2025-03-21 20:35:15 +05:30 · 2025-03-21 20:35:15 +05:30 · fc30e69442
commit fc30e69442
parent d317081460
1 changed files with 41 additions and 29 deletions
--- a/openmetadata-ui/src/main/resources/ui/src/components/Auth/AuthProviders/OktaAuthProvider.tsx
+++ b/openmetadata-ui/src/main/resources/ui/src/components/Auth/AuthProviders/OktaAuthProvider.tsx
@ -47,6 +47,10 @@ export const OktaAuthProvider: FunctionComponent<Props> = ({
        tokenManager: {
          autoRenew: false,
        },
+        cookies: {
+          secure: true,
+          sameSite: 'none',
+        },
      }),
    [clientId, issuer, redirectUri, scopes, pkce]
  );
@ -55,7 +59,21 @@ export const OktaAuthProvider: FunctionComponent<Props> = ({
    await oktaAuth.signInWithRedirect();
  };

-  const restoreOriginalUri = useCallback(async (_oktaAuth: OktaAuth) => {
+  const customAuthHandler = async () => {
+    const previousAuthState = oktaAuth.authStateManager.getPreviousAuthState();
+    if (!previousAuthState?.isAuthenticated) {
+      // Clear storage before triggering login
+      oktaAuth.tokenManager.clear();
+      await oktaAuth.signOut();
+      // App initialization stage
+      await triggerLogin();
+    } else {
+      // Ask the user to trigger the login process during token autoRenew process
+    }
+  };
+
+  const restoreOriginalUri = useCallback(
+    async (_oktaAuth: OktaAuth) => {
      const idToken = _oktaAuth.getIdToken() ?? '';
      const scopes =
        _oktaAuth.authStateManager.getAuthState()?.idToken?.scopes.join() || '';
@ -77,21 +95,15 @@ export const OktaAuthProvider: FunctionComponent<Props> = ({
          };
          onLoginSuccess(user);
        })
-      .catch((err) => {
+        .catch(async (err) => {
          // eslint-disable-next-line no-console
          console.error(err);
+          // Redirect to login on error
+          await customAuthHandler();
        });
-  }, []);
-
-  const customAuthHandler = async () => {
-    const previousAuthState = oktaAuth.authStateManager.getPreviousAuthState();
-    if (!previousAuthState || !previousAuthState.isAuthenticated) {
-      // App initialization stage
-      await triggerLogin();
-    } else {
-      // Ask the user to trigger the login process during token autoRenew process
-    }
-  };
+    },
+    [onLoginSuccess]
+  );

  return (
    <Security