Skip to content
This repository has been archived by the owner on Apr 18, 2024. It is now read-only.

request to the redirect_uri path but there's no session state found #34

Closed
lordgreg opened this issue Jun 15, 2023 · 2 comments
Closed

request to the redirect_uri path but there's no session state found #34

lordgreg opened this issue Jun 15, 2023 · 2 comments

Comments

@lordgreg
Copy link

lordgreg commented Jun 15, 2023
edited
Loading

Hi,

I'm using latest Kong gateway with this plugin. I've created the service, route and plugin (I've also added the additional service and route to check if the connection without oidc plugin is working).

My hostnames are:

http://kong-gateway/ (gateway)
http://kong-admin/ (as an admin api)
http://example-service/
http://kong-gateway/example-service redirects to example service without OIDC and
http://kong-gateway/example-oidc redirects to example service with OIDC

REDIRECT URI for oidc plugin is **http://kong-gateway/example-oidc

# SERVICES
# add service with OIDC
curl --location 'http://kong-admin:8001/services' \
--form 'name="example-oidc"' \
--form 'url="http://example-service:8080"

# add service without OIDC
curl --location 'http://kong-admin:8001/services' \
--form 'name="example-service"' \
--form 'url="http://example-service:8080"'

# ROUTES
# add route for service with OIDC
curl --location 'http://kong-admin:8001/services/example-oidc/routes' \
--form 'paths[]="/example-oidc"' \
--form 'name="example-oidc-route"'

# add route for service without OIDC
curl --location 'http://kong-admin:8001/services/example-service/routes' \
--form 'paths[]="/example-service"' \
--form 'name="example-service-route"'

# PLUGIN
curl --location 'http://kong-admin:8001/services/example-oidc/plugins' \
--form 'name="oidc"' \
--form 'config.client_id="CLIENT_ID"' \
--form 'config.client_secret="CLIENT_SECRET"' \
--form 'config.discovery="https://OPENID-SERVER/.well-known/openid-configuration"' \
--form 'config.redirect_uri="http://kong-gateway/"'

After successful redirect, I am getting:

request to the redirect_uri path but there's no session state found.

What am I missing here?
@lordgreg lordgreg changed the title no Route matched with those values after successful login request to the redirect_uri path but there's no session state found Jun 16, 2023
@lordgreg
Copy link
Author

lordgreg commented Jun 16, 2023
edited
Loading

After several days, I have figured out it was the dependency mismatch!

After checking the plugin versions with luarocks list I've found out that there were two versions of lua-resty-session installed:

lua-resty-session
   4.0.3-1 (installed) - /usr/local/lib/luarocks/rocks-5.1
   3.10-1 (installed) - /usr/local/lib/luarocks/rocks-5.1

The 4.0.3-1 comes from kong 3.3.0
and the 3.10-1 comes from lua-resty-openidc 1.7.6-3.

It looks like, even though 3.10-1 is installed, the configuration somehow took the version 4. As soon as I've removed the version 4 with luarocks remove lua-resty-session 4.0.3-1 --force and restarted kong, everything started working without any issues.

There is currently PR open zmartzone/lua-resty-openidc#478 which, if updated correctly, should only include one specific version.

@lordgreg lordgreg mentioned this issue Jun 16, 2023
Closed
@brafales
Copy link

Same issue as zmartzone/lua-resty-openidc#480, it'd be great to get zmartzone/lua-resty-openidc#478 reviewed and merged.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lordgreg @brafales