Reduce race condition on pages authentication
What does this MR do?
When the user tries to authenticate and reload the page concurrently, gitlab pages might receive a authentication request with the state already set.
In these cases, we should re-use the state instead of creating a new one. This way, we reduce the chance of a concurrent request return a 401.
before fix | after fix |
---|---|
401 | fixed |
Related to: gitlab#342587 (closed)
This is not a whole fix, as discussed in gitlab#342587 (comment 1194769865), this might still happen, but less frequently. After this fix we'll be working in implement a new OAuth flow to remove this problem completely.
TODO
-
Feature flag
-
Added feature flag: -
This feature does not require a feature flag
-
-
I added the Changelog
trailer to the commits that need to be included in the changelog (e.g.Changelog: added
) -
I added unit tests or they are not required -
I added acceptance tests or they are not required -
I added documentation (or it's not required) -
I followed code review guidelines -
I followed Go Style guidelines
Edited by Kassio Borges