Failed to login, get "Oops, your session has expired. Please try again." #240

Open
zhaohuabing opened this issue Dec 16, 2023 · 2 comments

Comments

@zhaohuabing
Contributor

Login sometimes fails the first time, but succeeds after a refresh.

user navigates to url -> redirected to OIDC provider -> login -> redirected back to original service -> user sees "Oops, your session has expired. Please try again."

in the browser -> user can refresh the page which fixes the issue and user is signed in

log from this event:

[2023-12-01 14:15:09.391] [console] [debug] Check: processing request https://c2d2.apps.dso.mil/oauth/callback?state=8MwlraGKWEWxtmJ96MGV2qHklvyQ2z8Bq1CyKNJsSvg&session_state=d178b39a-b273-4ba7-9b86-f6a39667417b&code=2919b5af-6846-4263-a579-75059a4ababe.d178b39a-b273-4ba7-9b86-f6a39667417b.c283dc72-0623-4fd3-b364-637c38d22f61 with filter chain c2d2
[2023-12-01 14:15:09.391] [console] [trace] New
[2023-12-01 14:15:09.391] [console] [trace] OidcFilter
[2023-12-01 14:15:09.391] [console] [trace] Process
[2023-12-01 14:15:09.391] [console] [debug] Call from @10.42.16.0 to [email protected]
[2023-12-01 14:15:09.391] [console] [trace] MatchesCallbackRequest: checking handler for https://c2d2.apps.dso.mil/oauth/callback?state=8MwlraGKWEWxtmJ96MGV2qHklvyQ2z8Bq1CyKNJsSvg&session_state=d178b39a-b273-4ba7-9b86-f6a39667417b&code=2919b5af-6846-4263-a579-75059a4ababe.d178b39a-b273-4ba7-9b86-f6a39667417b.c283dc72-0623-4fd3-b364-637c38d22f61
[2023-12-01 14:15:09.391] [console] [trace] MatchesCallbackRequest: matches_callback: true 
[2023-12-01 14:15:09.391] [console] [trace] RetrieveToken
[2023-12-01 14:15:09.391] [console] [trace] DecodeQueryData decode query: state=8MwlraGKWEWxtmJ96MGV2qHklvyQ2z8Bq1CyKNJsSvg&session_state=d178b39a-b273-4ba7-9b86-f6a39667417b&code=2919b5af-6846-4263-a579-75059a4ababe.d178b39a-b273-4ba7-9b86-f6a39667417b.c283dc72-0623-4fd3-b364-637c38d22f61
[2023-12-01 14:15:09.392] [console] [info] RetrieveToken: Missing state, nonce, and original url requested by the user. Cannot redirect.
@zhaohuabing
Contributor Author

zhaohuabing commented Dec 16, 2023

I suspect it's caused by the sync lag between the redis master and redis slaves. A few retries would solve this.
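
The bounded retry suggested in the comment above, as an added example that is not part of the thread and not the project's own code. The replica is simulated in memory, and `AuthState`, `Reader`, `newLaggingReplica`, `LookupForCallback` and the sample session values are hypothetical names and constructed data:

```go
package main

import (
	"crypto/subtle"
	"errors"
	"fmt"
	"time"
)

// AuthState is what the log calls "state, nonce, and original url".
type AuthState struct{ State, Nonce, RequestedURL string }
// Reader looks a session up; ok=false means the key is not visible (yet).
type Reader func(id string) (s AuthState, ok bool)

var ErrNoState, ErrStateMismatch = errors.New("missing authorization state"), errors.New("state mismatch")

// newLaggingReplica is a constructed stand-in for a Redis replica whose first
// `misses` reads return nothing because the write has not replicated yet.
func newLaggingReplica(misses int) Reader {
	data := map[string]AuthState{"sess-1": {"constructed-state", "constructed-nonce", "https://app.example/dashboard"}}
	return func(id string) (AuthState, bool) {
		if misses > 0 {
			misses--
			return AuthState{}, false
		}
		s, ok := data[id]
		return s, ok
	}
}

// LookupForCallback reads up to `attempts` times (minimum one) with doubling
// waits, so a callback for an unknown session still fails after bounded work.
func LookupForCallback(read Reader, id, cbState string, attempts int, wait time.Duration) (AuthState, error) {
	for i := 1; ; i++ {
		if s, ok := read(id); ok {
			if subtle.ConstantTimeCompare([]byte(s.State), []byte(cbState)) != 1 {
				return AuthState{}, ErrStateMismatch // retry must not weaken the state check
			}
			return s, nil
		} else if i >= attempts {
			return AuthState{}, ErrNoState
		}
		time.Sleep(wait * time.Duration(1<<uint(i-1)))
	}
}

func main() {
	s, err := LookupForCallback(newLaggingReplica(2), "sess-1", "constructed-state", 3, time.Millisecond)
	fmt.Println(s.RequestedURL, err)
}
```

With a single read the same lagging store returns `ErrNoState`, which corresponds to the "Missing state, nonce, and original url" line in the log.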

@lsjostro

lsjostro commented Feb 7, 2024

@zhaohuabing you might want to have a look at an alternative implementation which is server-side stateless, which means it can scale with the number of replicas without a need for Redis/DB as a session store.
https://github.com/shelmangroup/envoy-oidc-authserver
