From f4c044026b5168453be2b4d592a9524178937254 Mon Sep 17 00:00:00 2001 From: 1000TurquoisePogs Date: Fri, 14 Aug 2020 11:50:13 -0400 Subject: [PATCH] Small bugfix for big session renewal issue Signed-off-by: 1000TurquoisePogs --- CHANGELOG.md | 4 ++++ plugins/sso-auth/lib/ssoAuth.js | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 900d90c2..1a0be36c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,10 @@ All notable changes to the Zlux Server Framework package will be documented in this file. This repo is part of the app-server Zowe Component, and the change logs here may appear on Zowe.org in that section. +## 1.15.0 + +- Bugfix: Fixed desktop prompting for session renewal and failure due to sso-auth plugin incorrectly stating that session refresh is possible when using Zowe SSO. In reality, the SSO tokens are non-renewable with expiration after several hours, leading to a prompt to re-authenticate to continue using the Desktop. This bugfix should now allow for that behavior. + ## 1.14.0 - Bugfix: Plugin default server config could not exist in plugins own directory, and had to exist in the instance diff --git a/plugins/sso-auth/lib/ssoAuth.js b/plugins/sso-auth/lib/ssoAuth.js index 1eb378a2..1873c6e5 100644 --- a/plugins/sso-auth/lib/ssoAuth.js +++ b/plugins/sso-auth/lib/ssoAuth.js @@ -72,7 +72,7 @@ function SsoAuthenticator(pluginDef, pluginConf, serverConf, context) { "canGetStatus": true, "canGetCategories": true, //when zosmf cookie becomes invalid, we can purge zss cookie even if it is valid to be consistent - "canRefresh": this.usingZss ? true : false, + "canRefresh": (this.usingZss && !this.usingSso) ? true : false, "canAuthenticate": true, "canAuthorize": true, "canLogout": true,