Open petergrlica opened 1 year ago
I do have an account with the same issue, if you need help with debugging, I can provide more info.
Working on Authorization token exchange on new tab.
@vicpatel Note down the necessary information that you found out to fix this issue
There are few possible solutuions to fix this:
auth_session
as of now there is one session per each login flow.Updated description.
Can't reproduce. The example Peter provided is for an old old version and it seems not relevant when updated to the latest version. Waiting for any replies on the forum thread.
Stale issue message
Im having the same issue. Im using non dockerized nginx and Im getting "internal error" on the first setup. however I can register and login, but without to access the admin page. sub.domain.com/ -> redirects to "/auth/oauth2/authorize?client_id=35808480891765145" -> internal error
I cannot see any authorized clients on the profile page. anyway its working with the nginx docker setup, but dont with the non dockerized nginx.
DEBUG auth handling request {"url": "/auth/oauth2/default-client?redirect_uri=https://domain.domain.com/auth/callback&scope=profile%20api&state=shojyo9mtlo", "method": "GET"}
DEBUG auth handling request {"url": "/auth/oauth2/authorize?client_id=358084808917651459&redirect_uri=SNIPDOMAIN%2Fauth%2Fcallback&response_mode=query&response_type=code&scope=profile+api&state=shojyo9mtlo", "method": "GET"}
DEBUG auth starting new oauth2 authorization flow {"params": {"client_id":["358084808917651459"],"redirect_uri":["https://SNIPDOMAIN.comauth/callback"],"response_mode":["query"],"response_type":["code"],"scope":["profile api"],"state":["shojyo9mtlo"]}}
ERROR auth error in handler {"error": "invalid client: not found"}
.env:
DOMAIN=sub.domain.com
VERSION=2023.3.7
LETSENCRYPT_HOST=sub.domain.com
HTTP_WEBAPP_ENABLED=true
also not working: HTTP_SSL_TERMINATED=true, without letsencrypt_host and virtual_host instead
Stale issue message
Stale issue message
Invalid client issue on auth screen pops-up now and then, investigate what the culprit is.
Some context: https://forum.cortezaproject.org/t/invalid-client-not-found-agian/981
Cause: This happens due to opening too many (>2) new tabs simultaneously. since all the request uses the same auth_session to authenticate, due to that once
auth_session
verifies clientID is removed from it, due to that auth flow fails for the others and result in invalid clientID(empty).