You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"plugins": { "openid-connect": { "client_id": "aaaaaaa", "client_secret": "bbbbbbb", "discovery": "https://ccccc/.well-known/openid-configuration", "redirect_uri":"https://ddd.com/callback" } }
I had the same problem as bug
When the page enters redirect_uri
2021/01/06 10:28:17 [error] 63#63: *13976465 [lua] openidc.lua:1378: authenticate(): request to the redirect_uri path but there's no session state found, client: 10.51.71.140, server: , request: "GET /callback?code=jcovfcyh2x2fuxaxqxdf25bsu&state=e0d730e54a012e6d008ec0635477ba28 HTTP/1.1" 2021/01/06 10:28:17 [error] 63#63: *13976465 [lua] openid-connect.lua:300: phase_fun(): OIDC authentication failed: request to the redirect_uri path but there's no session state found type: table, client: 10.51.71.140, server: , request: "GET /callback?code=jcovfcyh2x2fuxaxqxdf25bsu&state=e0d730e54a012e6d008ec0635477ba28 HTTP/1.1"
For anyone struggling with this problem like I was after an entire days wasted:
There is an undocumented configuration field "session.secret". As soon as I set this to a random value the problem went away. See below for an example:
Issue description
"plugins": { "openid-connect": { "client_id": "aaaaaaa", "client_secret": "bbbbbbb", "discovery": "https://ccccc/.well-known/openid-configuration", "redirect_uri":"https://ddd.com/callback" } }
I had the same problem as bug
When the page enters redirect_uri
2021/01/06 10:28:17 [error] 63#63: *13976465 [lua] openidc.lua:1378: authenticate(): request to the redirect_uri path but there's no session state found, client: 10.51.71.140, server: , request: "GET /callback?code=jcovfcyh2x2fuxaxqxdf25bsu&state=e0d730e54a012e6d008ec0635477ba28 HTTP/1.1" 2021/01/06 10:28:17 [error] 63#63: *13976465 [lua] openid-connect.lua:300: phase_fun(): OIDC authentication failed: request to the redirect_uri path but there's no session state found type: table, client: 10.51.71.140, server: , request: "GET /callback?code=jcovfcyh2x2fuxaxqxdf25bsu&state=e0d730e54a012e6d008ec0635477ba28 HTTP/1.1"
https://github.com/zmartzone/lua-resty-openidc/blob/v1.7.2/lib/resty/openidc.lua Line 1361
local session, session_error = r_session.start(session_opts)
https://github.com/bungle/lua-resty-session/blob/v2.24/lib/resty/session.lua Line 320
return self, present
session_error receives the value of present,session is not initialized present
Environment
apisix version
):uname -a
)nginx -V
oropenresty -V
)Minimal test code / Steps to reproduce the issue
What's the actual result? (including assertion message & call stack if applicable)
What's the expected result?
The text was updated successfully, but these errors were encountered: