helidon-io / helidon

Java libraries for writing microservices
https://helidon.io
Apache License 2.0

OIDC: The oidc security configuration cookie-encryption-enabled default to false is not working. #8815

Closed pavankumar1986 closed 2 weeks ago

pavankumar1986 commented 4 months ago

Environment Details


Problem Description

The oidc security config cookie-encryption-enabled, which is supposed to be disabled (default to false), is not working and is invoking the cookie encrypt/decrypt, resulting in {"code":500,"message":"Failed to decrypt the message","timeStamp":"2024-05-30T08:00:24.851324232Z"}. Yes, it's easily reproducible.

I have tried setting cookie-encryption-enabled to false explicitly also, it does not work.

Steps to reproduce

Set up a Helidon MP application with defaults, oidc=idcs server. Note this happens in the Kubernetes env only. If run as a main program it works fine.
Build a secured REST API and invoke it; it shall result in {"code":500,"message":"Failed to decrypt the message","timeStamp":"2024-05-30T08:00:24.851324232Z"}

Verdent commented 1 month ago

Hi @pavankumar1986, I believe that the failure is not caused by access token value encryption (the mentioned cookie-encryption-enabled), but rather by other cookies we are using. You can either disable encryption for each cookie individually or set your master password for cookie encryption. That should do the trick.

cookie-encryption-password=ChangeThisToYourPassword

Please let me know if this helped.

pavankumar1986 commented 1 month ago

As per the documentation, the cookie encryption shall default to false. But since the cookie encryption is being set to true by default, we are forced to give an encryption key.

Verdent commented 1 month ago

Are you absolutely sure access token cookie encryption is set to true? I mean cookie-encryption-enabled affects only access token encryption, and it is the only one which is set to false by default. It does not affect any other cookies. And yes, those are set to true by default. You can disable the encryption for each cookie separately, but it is not advised to do so for security reasons.

Verdent commented 2 weeks ago

Works as intended. Please, reopen if I am mistaken.