Leantime / leantime

Leantime is a goals focused project management system for non-project managers. Building with ADHD, Autism, and dyslexia in mind.
https://leantime.io
GNU Affero General Public License v3.0

[BUG] Unable to log in with OIDC. Redirects back to login page. #2519

Open Sgt-Ogre opened 3 months ago

Sgt-Ogre commented 3 months ago

If you have problems with the installation please use our community forum

What set up are you using

Describe the bug: When attempting to log in with an OIDC user after initial setup, I get redirected to the login screen after IDP login. The user gets created but I am unable to log in with that user.

To Reproduce Steps to reproduce the behavior:

  1. Setup OIDC configuration
  2. Log in using the OIDC Login button
  3. After login you will be redirected to login page
  4. User gets created and can be seen on the admin side.

Expected behavior: User is forwarded to dashboard

Leantime Version: Latest Docker image pulled last night

Server: NGINX reverse Proxy

PHP / MySQL Version: mysql docker 8.0

Additional context: Using authentik as the IDP

samuk commented 3 months ago

I'm also having a similar issue getting Keycloak OIDC to work

sy-gpe commented 2 months ago

Hello!

I think I've found out why this is happening. The SID cookie is now set with the SameSite restriction as Strict, which prevents the web browser from sending it when you're hitting the callback URL.

According to my tests, changing this restriction to Lax seems to fix the issue.

You can change this line on Leantime v3.1.4 to patch this issue:

->withSameSite('Lax')

@marcelfolaron Would your PR also fix this issue? Or should I create a new one?

Best regards

marcelfolaron commented 2 months ago

Hey, yes the latest PR changes this back to Lax
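
The SameSite behaviour discussed in this thread, modelled as an added example (not part of the thread and not Leantime code): it parses a `Set-Cookie` header and reports whether a browser would attach the session cookie to the cross-site request that returns from the IdP. The function names and header values are constructed, an absent or unrecognised `SameSite` value is assumed to default to Lax, and the `form_post` case goes beyond the redirect case reported above.

```javascript
// Added example: models the browser's SameSite check for one cookie.
// Header values are constructed; only the cookie name SID is from the thread.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = { name: pair.slice(0, eq), sameSite: null, secure: false };
  for (const attr of attrs) {
    const [key, value = ''] = attr.split('=');
    if (key.toLowerCase() === 'samesite') cookie.sameSite = value.trim().toLowerCase();
    if (key.toLowerCase() === 'secure') cookie.secure = true;
  }
  return cookie;
}

// request = { crossSite, topLevelNavigation, method }
function isCookieSent(cookie, request) {
  if (!request.crossSite) return true; // same-site requests always carry it
  // Assumption: missing or unknown SameSite is treated as Lax.
  const known = ['strict', 'lax', 'none'];
  const policy = known.includes(cookie.sameSite) ? cookie.sameSite : 'lax';
  if (policy === 'none') return cookie.secure; // None is only honoured with Secure
  if (policy === 'strict') return false; // never sent on cross-site requests
  // Lax: cross-site only on top-level navigations using a safe method.
  const safe = ['GET', 'HEAD', 'OPTIONS', 'TRACE'];
  return request.topLevelNavigation && safe.includes(request.method);
}

// The two ways an IdP hands the browser back to the relying party.
const OIDC_CALLBACKS = {
  redirectGet: { crossSite: true, topLevelNavigation: true, method: 'GET' },
  formPost: { crossSite: true, topLevelNavigation: true, method: 'POST' },
};

function sessionSurvivesCallback(setCookieHeader) {
  const cookie = parseSetCookie(setCookieHeader);
  const result = {};
  for (const [name, request] of Object.entries(OIDC_CALLBACKS)) {
    result[name] = isCookieSent(cookie, request);
  }
  return result;
}

for (const mode of ['Strict', 'Lax', 'None']) {
  const header = `SID=constructed-value; Path=/; HttpOnly; Secure; SameSite=${mode}`;
  console.log(mode, sessionSurvivesCallback(header));
}
```

When the session cookie is absent on the callback, the application sees a fresh session with no stored login state, which matches the redirect back to the login page reported here.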