AxaFrance / oidc-client

Light, Secure, Pure JavaScript OIDC (OpenID Connect) Client. We also provide a React wrapper (compatible with NextJS, etc.).
MIT License

After restarting IIS (OIDC Server), I receive an error as State not valid #1318

Open ozanmanav opened 9 months ago

ozanmanav commented 9 months ago

Issue and Steps to Reproduce

After restarting IIS, I receive an error as follows when users first log in. After being redirected to login and trying again, it works.

Versions

7.19.0

Screenshots

image

After a refresh on the same page: image

Expected

It should work on the first login.

Actual

It gets an error after resetting the IIS session.

guillaume-chervet commented 9 months ago

Hi @ozanmanav,

Thank you again for your issue :) Are you restarting your Application Server or your OIDC Server? Do you have the full network history, to understand what's happening?

ozanmanav commented 8 months ago

1- Our OIDC IIS Server

2- I don't have any network history, I only have this link and these console messages:

/auth-callback?code=RkdVAiHe-dC0CoDQkQCIvP747mXZPlhFnxuC1IxiBj8&state=5bNZgSMAwLxFAvqR&iss=XXXXX

image

ozanmanav commented 8 months ago

@guillaume-chervet We realized that it was related to service worker and had to turn off this mode. :/

guillaume-chervet commented 8 months ago

Thank you @ozanmanav for the feedback. It is a strange bug. I cannot reproduce it.

guillaume-chervet commented 8 months ago

I found the problem, I think, and fixed it here: https://github.com/AxaFrance/oidc-client/commit/44d15be1c4d8f5069f15ddc5351e546fc5eb7730

It took me time to find it @ozanmanav, but it already fixes the HTTP 401 on the userinfo endpoint on the first connection.

ozanmanav commented 2 months ago

This still seems to be the case; we get an error on the first login when we reset IIS on the server side. @guillaume-chervet :/