aborn / nuxt-openid-connect

OpenID-Connect(OIDC) integration module for nuxt 3.0.

Stuck in login loop #24

Open peirix opened 6 months ago

peirix commented 6 months ago

I've got this setup:

openidConnect: {
    addPlugin: true,
    op: {
        issuer: process.env.NUXT_OPENID_CONNECT_OP_ISSUER || '',
        clientId: process.env.NUXT_OPENID_CONNECT_OP_CLIENT_ID || '',
        clientSecret: process.env.NUXT_OPENID_CONNECT_OP_CLIENT_SECRET || '',
        callbackUrl: process.env.NUXT_OPENID_CONNECT_OP_CALLBACK_URL || '', // http://localhost:3000/mine-rom
        scope: ['openid userid-feide']
    },
    config: {
        debug: true, // optional, default is false
        response_type: 'code',
        secret: 'oidc._sessionid',
        cookie: { loginName: '' },
        cookiePrefix: 'oidc._',
        cookieEncrypt: true,
        cookieEncryptKey: 'bfnuxt9c2470cb477d907b1e0917oidc', // 32
        cookieEncryptIV: 'ab83667c72eec9e4', // 16
        cookieEncryptALGO: 'aes-256-cbc',
        cookieMaxAge: 24 * 60 * 60, //  default one day
        cookieFlags: {
            // default is empty
            access_token: {
                httpOnly: true,
                secure: false
            }
        }
    }
}

The Vue page mine-rom is set up to use the same auth middleware as in your playground folder.

When I go to log in, I'm sent back to /mine-rom with params: ?redirect=/mine-rom&code=fae65820-9bb2-48be-b02d-0ce4a1749022. Then it triggers the auth middleware, and for some reason it detects I'm not logged in, so it sends me back to the login with this redirect URL: http://localhost:3000/mine-rom?redirect=/mine-rom?redirect=/mine-rom&code=fae65820-9bb2-48be-b02d-0ce4a1749022 and if I log in from that, it just keeps adding redirect params to the URL.

In my localStorage I see a key oidc._user which is just set to {}, and in my cookies I see that oidc._sessionid has a hashed value.

raj-saroj-vst-au4 commented 5 months ago

Comment out the callback URL, you're welcome...

aborn commented 5 months ago

How do I reproduce this bug? Can you show me an example?

leamsigc commented 5 days ago

Make sure that the response type from the issuer is correct.

Example: I have one Keycloak service that is returning response_type: "code", but I set it to response_type: "id_token token"; that caused the login loop.
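
The response_type check suggested in the last comment, as an added example that is not part of the thread or of the nuxt-openid-connect module: it compares a configured `response_type` with the issuer's discovery metadata (`response_types_supported`) and with the parameters seen on a callback URL. The function names, the discovery document and the callback URL are constructed for illustration.

```javascript
// Added example: names and sample data below are constructed, not from the module.

// Response types are space-delimited sets; order is not significant.
function normalizeResponseType(rt) {
  return rt.trim().split(/\s+/).sort().join(' ');
}

// Parameter that each response type member delivers on the callback.
const EXPECTED_PARAM = { code: 'code', id_token: 'id_token', token: 'access_token' };

// Compare the configured response_type with the issuer's discovery metadata
// and, optionally, with an observed callback URL. Returns a list of findings.
function diagnoseResponseType(configured, discovery, callbackUrl) {
  const findings = [];
  const wanted = normalizeResponseType(configured);
  const supported = (discovery.response_types_supported || []).map(normalizeResponseType);
  if (!supported.includes(wanted)) {
    findings.push(`issuer does not advertise response_type "${configured}"`);
  }
  if (callbackUrl) {
    const url = new URL(callbackUrl);
    // Code flow answers in the query string; implicit/hybrid flows use the fragment.
    const received = new Set([
      ...url.searchParams.keys(),
      ...new URLSearchParams(url.hash.replace(/^#/, '')).keys(),
    ]);
    for (const part of wanted.split(' ')) {
      const param = EXPECTED_PARAM[part];
      if (param && !received.has(param)) {
        findings.push(`callback is missing "${param}" required by "${part}"`);
      }
    }
    if (received.has('error')) findings.push('callback carries an error response');
  }
  return findings;
}

// Constructed discovery document for an issuer that only supports the code flow.
const sampleDiscovery = { response_types_supported: ['code'] };
// Constructed callback, shaped like the one described in the issue.
const sampleCallback = 'http://localhost:3000/mine-rom?redirect=/mine-rom&code=CONSTRUCTED-CODE';

console.log(diagnoseResponseType('code', sampleDiscovery, sampleCallback));
console.log(diagnoseResponseType('id_token token', sampleDiscovery, sampleCallback));
```

An empty result means the configured value, the issuer metadata and the callback agree; any finding points at a mismatch of the kind described above, where the client waits for tokens that the issuer never sends on the callback.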