You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Opening authentication in two different tabs result on state mismatch causing some libraries that use node-openid-client to throw an error to the user.
Expected behaviour
A common user can easily open multiple tabs of an application and choose a random one after to login. But instead of having a successful login, an error is returned.
Unsurprisingly, just like in the aforementioned #154, there's nothing much to do. The passport strategy is meant to remain simple, not dealing with edge cases.
As far as next-auth, or other pieces of work that utilize openid-client, they can orchestrate the state v session management however complex they can afford since the core library is not responsible for maintaining the user-agent state and its state in any way.
Describe the bug
Opening authentication in two different tabs result on state mismatch causing some libraries that use
node-openid-client
to throw an error to the user.To Reproduce
Same steps as described here: #154
Expected behaviour
A common user can easily open multiple tabs of an application and choose a random one after to login. But instead of having a successful login, an error is returned.
Environment:
Additional context
This issue is also related on next-auth projects:
nextauthjs/next-auth#7894
In the issue above I posted some logs from next-auth.
Something similar also happened here: nextauthjs/next-auth#3022
The text was updated successfully, but these errors were encountered: