(js) Improve CAS handling

Fixes #4468
2026-02-28 20:56:24 +00:00 · 2019-01-22 15:34:23 -05:00
parent fcbec9a33b
commit 9596ac2a20
2 changed files with 20 additions and 11 deletions
--- a/1
+++ b/1
@@ -8,6 +8,7 @@ Bug fixes
 - [web] fixed all-day event dates with different timezone
 - [web] fixed display of Bcc header (#4642)
 - [web] fixed refresh of drafts folder when saving a draft
+ - [web] fixed CAS session timeout handling during XHR requests (#4468)
 - [core] ignore transparent events in time conflict validation (#4539)
 - [core] fixed yearly recurrence calculator when starting from previous year

--- a/UI/WebServerResources/js/Common/Common.app.js
+++ b/UI/WebServerResources/js/Common/Common.app.js
@@ -310,18 +310,26 @@
        if (/^application\/json/.test(rejection.config.headers.Accept)) {
          // Handle CAS ticket renewal
          if ($window.usesCASAuthentication && rejection.status == -1) {
-            deferred = $q.defer();
-            iframe = angular.element('<iframe class="ng-hide" src="' + $window.UserFolderURL + 'recover"></iframe>');
-            iframe.on('load', function() {
-              // Once the browser has followed the redirection, send the initial request
-              var $http = $injector.get('$http');
-              $http(rejection.config).then(deferred.resolve, deferred.reject);
-              iframe.remove();
-            });
-            document.body.appendChild(iframe[0]);
-            return deferred.promise;
+            if ($window.attempted) {
+              // Already attempted once -- reload page
+              $window.location.reload(true);
+            }
+            else {
+              deferred = $q.defer();
+              iframe = angular.element('<iframe class="ng-hide" src="' + $window.UserFolderURL + 'recover"></iframe>');
+              iframe.on('load', function() {
+                // Once the browser has followed the redirection, send the initial request
+                var $http = $injector.get('$http');
+                $http(rejection.config).then(deferred.resolve, deferred.reject);
+                iframe.remove();
+                $window.attempted = true;
+              });
+              document.body.appendChild(iframe[0]);
+              return deferred.promise;
+            }
          }
-          else if ($window.usesSAML2Authentication && rejection.status == 401) {
+          else if ($window.usesSAML2Authentication && rejection.status == 401 && !$window.attempted) {
+            $window.attempted = true;
            $window.location.reload(true);
          }
          else {