Azure-Samples / ms-identity-python-flask-webapp-authentication

This sample demonstrates a Python Flask webapp that signs in users in your tenant using Azure Active Directory
MIT License

Intermittent Issue with Login #7

Open Rvalle23 opened 2 years ago

Rvalle23 commented 2 years ago

Please provide us with the following information:

This issue is for a: (mark with an x)

- [x] bug report -> please search issues before submitting
- [ ] feature request
- [ ] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)

Minimal steps to reproduce

When I leave the web open in the browser after an hour, or open the browser, the web sometimes does GET //auth/redirect? and it shows an Internal Server Error.

Any log messages given by the failure

```
| [2022-09-12 18:35:48,924] ERROR in init: process_auth_redirect: security violation ('Failed to match request state with session state',)
backend | [2022-09-12 18:35:48,925] ERROR in app: Exception on /auth/redirect [GET]
backend | Traceback (most recent call last):
backend | File "/usr/local/lib/python3.8/site-packages/flask/app.py", line 2525, in wsgi_app
backend | response = self.full_dispatch_request()
backend | File "/usr/local/lib/python3.8/site-packages/flask/app.py", line 1822, in full_dispatch_request
backend | rv = self.handle_user_exception(e)
backend | File "/usr/local/lib/python3.8/site-packages/flask_cors/extension.py", line 165, in wrapped_function
backend | return cors_after_request(app.make_response(f(args, kwargs)))
backend | File "/usr/local/lib/python3.8/site-packages/flask/app.py", line 1820, in full_dispatch_request
backend | rv = self.dispatch_request()
backend | File "/usr/local/lib/python3.8/site-packages/flask/app.py", line 1796, in dispatch_request
backend | return self.ensure_sync(self.view_functions[rule.endpoint])(view_args)
backend | File "/usr/local/lib/python3.8/site-packages/ms_identity_web/flask_blueprint/init.py", line 44, in aad_redirect
backend | return id_web.process_auth_redirect(redirect_uri=url_for('.aad_redirect',_external=True),
backend | File "/usr/local/lib/python3.8/site-packages/ms_identity_web/init.py", line 40, in assert_adapter
backend | return f(self, args, *kwargs)
backend | File "/usr/local/lib/python3.8/site-packages/ms_identity_web/init.py", line 127, in process_auth_redirect
backend | raise ase
backend | File "/usr/local/lib/python3.8/site-packages/ms_identity_web/init.py", line 105, in process_auth_redirect
backend | self._verify_state(req_params)
backend | File "/usr/local/lib/python3.8/site-packages/ms_identity_web/init.py", line 40, in assert_adapter
backend | return f(self, args, **kwargs)
backend | File "/usr/local/lib/python3.8/site-packages/ms_identity_web/init.py", line 259, in _verify_state
backend | raise AuthSecurityError("Failed to match request state with session state")
backend | ms_identity_web.errors.AuthSecurityError: Failed to match request state with session state
backend | 150.172.230.173 - - [12/Sep/2022 18:35:48] "GET //auth/redirect?
```

Expected/desired behavior

Use the session cookies.

OS and Version?

Windows 7, 8 or 10. Linux (which distribution). macOS (Yosemite? El Capitan? Sierra?)

Versions

Mention any other details that might be useful


Thanks! We'll be in touch soon.
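A minimal stand-alone sketch of the kind of state check the traceback above ends in, added here as an example; it is not code from ms_identity_web or from this sample. The dict-based session, the `/sign_in` route and all function names are assumptions. It shows a mismatch (for instance a redirect that arrives with a session that no longer holds the state) being answered by restarting sign-in instead of an unhandled 500, without ever skipping the check.

```python
import hmac
import secrets


class AuthSecurityError(Exception):
    """Local stand-in for the error class named in the traceback."""


def begin_sign_in(session):
    """Start an auth-code flow: bind a fresh random state to this session."""
    session["state"] = secrets.token_urlsafe(32)
    return session["state"]


def verify_state(session, req_params):
    """Compare the state echoed on the redirect with the one in the session."""
    expected = session.pop("state", None)  # single use: a replay finds nothing
    received = req_params.get("state")
    if not expected or not received or not hmac.compare_digest(
        expected.encode(), received.encode()
    ):
        raise AuthSecurityError("Failed to match request state with session state")


def handle_redirect(session, req_params):
    """Return (status, location). A mismatch restarts sign-in, never bypasses it."""
    try:
        verify_state(session, req_params)
    except AuthSecurityError:
        session.clear()          # drop any half-finished flow
        return 302, "/sign_in"   # hypothetical route that calls begin_sign_in again
    return 200, None             # a real app would redeem the auth code here


if __name__ == "__main__":
    # Constructed scenarios, not taken from the issue.
    live = {}
    state = begin_sign_in(live)
    print("matching session:", handle_redirect(live, {"state": state}))
    print("same redirect replayed:", handle_redirect(live, {"state": state}))

    old = {}
    stale_state = begin_sign_in(old)
    fresh = {}  # the browser comes back with a new, empty session
    print("session lost:", handle_redirect(fresh, {"state": stale_state}))
```
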