Keycloak provider login fails if access token is too large because of cookie size limit

[exolightor]

Apache Airflow Provider(s)

keycloak

Versions of Apache Airflow Providers

apache-airflow-providers-keycloak==0.4.1

Apache Airflow version

3.1.5

Operating System

Ubuntu 22.04.1 LT

Deployment

Virtualenv installation

Deployment details

Packages airflow-core and apache-airflow-providers-keycloak installed via pip in virtualenv. Keycloak config is pointing to Keycloak instance deployed on OpenShift. The Keycloak access token is quite large because multiple realm roles are included in access token.

What happened

After logging in via Keycloak SSO the Airflow UI enters into a 401 unauthorized loop. After successfull auth code flow, the cookie with access token + refresh token is not passed to Airflow UI because they exceed the cookie size limit of 4KB.

What you think should happen instead

After Keycloak login, the Airflow home page should display without any 401 unauthorized errors.

How to reproduce

Login with a Keycloak user having a large access token, e.g., a user with 15+ roles, so that access token + refresh token exceed cookie size limit of 4kB.

Anything else

No response

Are you willing to submit PR?

• Yes I am willing to submit a PR!

Code of Conduct

• I agree to follow this project's Code of Conduct

[boring-cyborg]

Thanks for opening your first issue here! Be sure to follow the issue template! If you are willing to raise PR to address this issue please do so, no need to wait for approval.