Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Inform user to re-login when cached token is stale after multiple attempts #241

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

Eitol
Copy link

@Eitol Eitol commented Oct 16, 2024

This pull request addresses an issue where users with expired sessions in their browsers encounter repeated authentication failures when running the okta-aws-cli web command. Previously, the tool would attempt to authenticate twice and display an error message: "Cached access token appears to be stale...". However, it did not provide clear guidance on how to resolve the issue.

Changes Made:

Updated the NewWebCommand function to check after two failed authentication attempts.

If the authentication fails due to an invalid_grant error after retries, the tool now informs the user to log out of Okta in their
browser and log back in.

Added user-friendly messaging to guide users through resolving the expired session issue.

Impact:

  • Enhances user experience by providing clear instructions to resolve authentication issues caused by expired browser sessions.
  • Reduces confusion and potential support requests related to stale cached tokens.

see: #153 (comment)

Introduce detailed error handling for Okta authentication failures, providing specific messages when an "invalid_grant" error occurs. Offer user guidance to resolve the issue by logging out and back into Okta if multiple attempts fail.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant