leuat
commented
2 years ago Managed to fix this with automatic redirection to the oidc auth login if session contains an error.
Closed leuat closed 2 years ago
leuat
commented
2 years ago Managed to fix this with automatic redirection to the oidc auth login if session contains an error.
Hi there!
I have used django-oidc-mozilla in a django web app. works just fine stand-alone.
However, the app is now integrated into another framework (outside of my control) that displays my page in an iframe. This external framework also contains the oidc access point for logging in, so when a user navigates to my app and gets it displayed in an iframe, ideally the "oidc_access_token" object in request.session should contain all the info I need. However, this is not the case, and the object only contains:
{'error': 'invalid_request', 'error_description': "User session not found or doesn't have client attached on it"}
The only way to solve this problem is for the user to manually log out of my iframe application, then log in again - and everything seems to work.
Is there a setting that I've missed that can attach a "parent" session to the "child" session in an iframe?