Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: 4.20
Component/s: Management Console
Labels:
None

Activity Type:
Quality / Stability / Reliability
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Story Points:
None
Severity:
Critical
Regression:
None
Epic Link:
CNTRLPLANE-883

Target Backport Versions:
None
Target Version:

4.21.0
Release Blocker:
None
Sprint:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

PX Impact Score:

Release Note Status:
None
Release Note Type:
None
Release Note Text:
None

Escape Reason:
None
Escape Impact:
None
Corrective Measures:
None
SDLC stage when should've been found:
None

Description of problem:

Configure external oidc provider with ADFS server for the cluster, login openshift-console, met authentication error in console.

Version-Release number of selected component (if applicable):

4.20.0-0.nightly-2025-09-19-231410

How reproducible:

   Always

Steps to Reproduce:

    1. Configure ADFS server external oidc provider in authentication
 
$oc edit authentication
  spec:
    oauthMetadata:
      name: ""
    oidcProviders:
    - claimMappings:
        groups:
          claim: custom-groups
          prefix: 'oidc-groups-test:'
        username:
          claim: email
          prefix:
            prefixString: 'oidc-user-test:'
          prefixPolicy: Prefix
      issuer:
        audiences:
        - <CLINET_ID>
        issuerCertificateAuthority:
          name: adfs-ca
        issuerURL: <ISSUER_URL>
      name: windows-oidc
      oidcClients:
      - clientID: <CLIENT_ID>
        clientSecret:
          name: adfs-secret
        componentName: console
        componentNamespace: openshift-console
        extraScopes:
        - email
        - profile
        - allatclaims
    serviceAccountIssuer: ""
    type: OIDC
  
    2. Login in openshift console and input ADFS username/password
    3. Got authentication error info in console
    4. Click Try again, then can log in openshift, but displayed 404 error in openshift console
     5. After click any tab, openshift console display correctly.

Actual results:

   Cannot login openshift console first time.

Expected results:

    Should login openshift console successfully first time

Additional info:

openshift console info: https://docs.google.com/document/d/1C0Ln-Ir6hthQfy5r8K9Q6uBzniWmsERwp1JVu6_E200/edit?tab=t.0

must-gather: https://drive.google.com/drive/folders/1kKsCnSwwsvxC_9BSF_N89osCJN2imteL?usp=drive_link

links to

openshift/console#15631: OCPBUGS-62142: Fix cookie size limit error with large OIDC refresh tokens

Assignee:: Jon Jackson

Reporter:: Wen Wang

Need Info From:: None

Contributors:: None

QA Contact:: Wen Wang

Doc Contact:: None

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2025/09/24 7:31 AM

Updated:: 2025/11/15 10:06 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates