Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSO Fallback does not work on Riot-desktop #13719

Closed
artooro opened this issue May 19, 2020 · 2 comments · Fixed by element-hq/element-desktop#91
Closed

SSO Fallback does not work on Riot-desktop #13719

artooro opened this issue May 19, 2020 · 2 comments · Fixed by element-hq/element-desktop#91
Assignees
@turt2live
Labels
A-E2EE-Cross-Signing A-Electron A-SSO T-Defect Z-Mozilla

Comments

@artooro
Copy link

artooro commented May 19, 2020

Description

The new cross-signing SSO/SAML flow is working from riot-web but on riot-desktop when the user gets to the authorized web page, the desktop app never seems to recognize it.

Steps to reproduce

  • Upgrade encryption on riot-desktop
  • Authenticate SAML login

Describe how what happens differs from what you expected.

I'd expect that the authentication and encryption upgrade completes.

Version information

For the desktop app:

  • OS: Windows, macOS, Ubuntu, Arch Linux, etc? macOS
  • Version: 1.6.1
@artooro
Copy link
Author

artooro commented May 19, 2020

This is related to matrix-org/synapse#7484

@turt2live turt2live mentioned this issue May 20, 2020
Closed
@turt2live
Copy link
Member

This is not related to matrix-org/synapse#7484

The error is:

vendors~init.js:2 Uncaught Error: Unable to deserialize cloned data due to invalid or unsupported version.
    at EventEmitter../lib/renderer/ipc-renderer-internal.ts.exports.ipcRendererInternal.sendSync (ipc-renderer-internal.ts:13)
    at Object.invokeSync (ipc-renderer-internal-utils.ts:17)
    at Object.<anonymous> (init.js:40)
    at Object../lib/sandboxed_renderer/init.js (init.js:201)
    at __webpack_require__ (bootstrap:19)
    at bootstrap:83
    at bootstrap:83

Which comes from the depths of electron.

@turt2live turt2live self-assigned this May 20, 2020
turt2live added a commit to element-hq/element-desktop that referenced this issue May 20, 2020
@turt2live
Enforce sandbox on all spawned BrowserWindow objects
0269501 
The docs (https://www.atom.pe/docs/api/sandbox-option/) say we should be using the browser-native `window.open` implementation, but in practice that appears very much false. Electron, no matter our set of options, appears to always make a hit to the ipcRenderer with `window.open` calls, causing the calling code to explode due to the sandbox making that impossible.

By using `app.enableSandbox()`, it puts the sandbox in place over all BrowserWindow objects, including the temporary ones which empirically are being created for `window.open`. We do not need to specify `sandbox: true` to the BrowserWindow with this approach, though uncommenting and therefore reintroducing the flag causes our lovely ipcRenderer error again.

As far as I can tell, the sandbox does actually get applied to the window though the fact that `sandbox: true` still does things despite the docs saying otherwise leaves me a bit uncomfortable.

Fixes element-hq/element-web#13719
@turt2live turt2live mentioned this issue May 20, 2020
Merged
@clokep clokep mentioned this issue May 21, 2020
Closed
@t3chguy t3chguy mentioned this issue May 23, 2020
Closed
@clokep clokep mentioned this issue May 27, 2020
Merged
11 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@turt2live turt2live

Labels
A-E2EE-Cross-Signing A-Electron A-SSO T-Defect Z-Mozilla
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Enforce sandbox on all spawned BrowserWindow objects element-hq/element-desktop
3 participants
@artooro @turt2live @t3chguy