passport-openidconnect
"Unable to verify authorization request state" is raised when I hit the auth routes by being redirected from a page, but when I try again by redirecting to the auth route from that page, the authentication succeeds.
We only redirect from the page when there is no user in the session.
`
// Both routes run oidcSettings first, which (re)registers the 'oidc' strategy,
// then the authenticate middleware for that leg of the flow.
router.get('/auth/openidconnect', oidcSettings, oidcProviderReq);
router.get('/auth/openidconnect/callback', oidcSettings, oidcCallback);
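let oidcSettings = function (req, res, next) {
  // Middleware that registers the 'oidc' strategy from `provider.settings`
  // before the passport.authenticate middleware on the same route runs.
  //
  // NOTE(review): passport.use('oidc', ...) overwrites a single global
  // registration on every request, so the verify callback must not close over
  // this middleware's `req` (the original did, so a callback arriving after
  // another request re-registered the strategy would act on that other
  // request). With `passReqToCallback` the verify callback receives the
  // request that is actually being authenticated.
  //
  // NOTE(review): the callback-leg state check compares the `state` query
  // parameter against the value stored in the session during the redirect
  // leg; if that session is not persisted before the browser is sent to the
  // provider, or its cookie is not sent back on the callback, the check fails
  // — TODO confirm session middleware ordering and cookie settings.
  //
  // provider contains all the required data
  const OidcStrategy = require('passport-openidconnect').Strategy;
  passport.use('oidc', new OidcStrategy({
    issuer: provider.settings.issuer,
    authorizationURL: provider.settings.authorizationURL,
    tokenURL: provider.settings.tokenURL,
    userInfoURL: provider.settings.userInfoURL,
    clientID: provider.settings.ClientID,
    clientSecret: provider.settings.clientSecret,
    callbackURL: provider.settings.callbackURL,
    scope: 'openid profile',
    passReqToCallback: true,
  }, (authReq, issuer, sub, profile, accessToken, refreshToken, done) => {
    // Refuse identities without an email claim instead of creating an
    // account for them; `false` tells passport the login failed.
    if (!(profile && profile._json && profile._json.email)) {
      return done(null, false, { message: 'OIDC profile has no email claim' });
    }
    authReq.params.provider = profile.id;
    // basically either logs into the application or creates a new user
    oidcLogin(authReq, profile, 'oidc_user', done);
  }));
  next();
};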
let oidcProviderReq = function (req, res, next) {
  // Redirect leg of the flow: sends the browser to the provider's
  // authorization endpoint using the 'oidc' strategy registered upstream.
  const beginOidcFlow = passport.authenticate('oidc', { scope: 'openid profile' });
  beginOidcFlow(req, res, next);
};
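let oidcCallback = function (req, res, next) {
  // Callback leg of the flow: lets the 'oidc' strategy verify the state and
  // exchange the code, then establishes the login session for the user.
  passport.authenticate('oidc', function (err, user, info) {
    // Route errors to Express instead of throwing from an asynchronous
    // callback, where a throw becomes an uncaught exception rather than a
    // handled error response.
    if (err) {
      return next(err);
    }
    // The verify callback yielded no user (e.g. profile without an email).
    // Keep the response generic; `info` stays server-side.
    if (!user) {
      return res.status(401).send('Authentication failed');
    }
    req.logIn(user, function (loginErr) {
      if (loginErr) {
        return next(loginErr);
      }
      // Do not log the user object: it carries profile data that does not
      // belong in application logs. The handler mounted after this
      // middleware decides where the user is sent — TODO confirm target.
      return next();
    });
  })(req, res, next);
};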
`
It might be caused by the encoding of the state URL parameter. I am having the issue that in 10% of the cases the authentication fails because the randomly generated state contains special characters that cause problems with AWS Cognito...