Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

authelia: session retrieval failure #392231

Open
3 tasks done
JayRovacsek opened this issue Mar 22, 2025 · 3 comments · May be fixed by #392258
Open
3 tasks done

authelia: session retrieval failure #392231

JayRovacsek opened this issue Mar 22, 2025 · 3 comments · May be fixed by #392258
Labels
0.kind: bug Something is broken

Comments

@JayRovacsek
Copy link
Contributor

JayRovacsek commented Mar 22, 2025
edited
Loading

Nixpkgs version

Unstable (25.05)

Describe the bug

Authelia recently encountered a bug in handling of sessions that led to clearing of sessions within a short timeframe; see also: authelia/authelia#8980

While the nixpkgs version meets or exceeds the required version 4.39.1, it does not apply all required options to correct the regression. The changeset to resolve this issue is described in this pr: authelia/authelia#9004 - this includes an addition to the go build environment variables that are not handled for in the nixpkgs build process leading to the original problem still persisting.

Steps to reproduce

Setup an authelia instance as per services.authelia.instances.<name>.*

Authenticate to a downstream service, in my experience I did not even need to attempt to auth multiple times, instead API calls caused the upstream issue of a session termination.

Expected behaviour

Authelia is does not terminate sessions as per authelia/authelia#8980

Screenshots

No response

Relevant log output

NA - even in debug mode, authelia does not note the upstream issue in my experience

Additional context

I have tested a local fix via;

Addition of the following to sources.nix

env.GOEXPERIMENT = "nosynchashtriemap";

Modification of default.nix to include the above env content and utilise it within buildGoModule as en example:

...
let
  inherit (import ./sources.nix { inherit fetchFromGitHub; })
    env
    pname
    version
    src
    vendorHash
    ;

  web = authelia-web;
in
buildGoModule rec {
  inherit
    env
    pname
    version
    src
    vendorHash
    ;
...

System metadata

  • system: "x86_64-linux"
  • host os: Linux 6.12.19, NixOS, 25.05 (Warbler), 25.05.20250321.94c4dbe
  • multi-user?: yes
  • sandbox: yes
  • version: nix-env (Nix) 2.24.12
  • nixpkgs: `/nix/store/dbg8dsy231ckdqdz6hjwzmp9cfa6bfqf-source

Notify maintainers

Note for maintainers: Please tag this issue in your pull request description. (i.e. Resolves #ISSUE.)

I assert that this issue is relevant for Nixpkgs

Is this issue important to you?

Add a 👍 reaction to issues you find important.
@JayRovacsek JayRovacsek added the 0.kind: bug Something is broken label Mar 22, 2025
@JayRovacsek
Copy link
Contributor Author

@nicomem apologies to tag you, thanks for the update via 7407020 - I'll look to create a PR when I've got some time, but also keen to hear feedback if the resolve route I explored above would even be suitable

@JayRovacsek JayRovacsek linked a pull request Mar 23, 2025 that will close this issue
Open
13 tasks
@JayRovacsek
Copy link
Contributor Author

Created #392258 for this

@nicomem
Copy link
Contributor

nicomem commented Mar 23, 2025

Good catch! I did not see this modification in the upstream build process, but it should indeed be done in ours too

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
0.kind: bug Something is broken
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

authelia: fix session termination bug JayRovacsek/nixpkgs
2 participants
@nicomem @JayRovacsek