Closed AndTem closed 4 years ago
the state of the oidc field is created at the beginning of authorization and placed in storage then when the response is generated, it deletes the oidc data from the store and saves it locally
The response is not generated; it is received by the process, and it cleans up the session namespace related to the authorization. This is intentional and not a bug.
I don't understand your issue and lack details to help. It could be anything from a bad idp to you e.g. reading from a secondary/slave rather than the primary.
Description of the problem

My application is scaled using multiple replicas and the following error appears during authorization:

Express-session is used to work with sessions. Redis is used as storage.
Session settings
Possible Solution

Having studied the strategy code, I realized why I get an error: the state of the oidc field is created at the beginning of authorization and placed in storage (https://github.com/panva/node-openid-client/blob/ea792096834f285e1457947cc5b617bf6efeed95/lib/passport_strategy.js#L91); then, when the response is generated, it deletes the oidc data from the store and saves it locally (https://github.com/panva/node-openid-client/blob/ea792096834f285e1457947cc5b617bf6efeed95/lib/passport_strategy.js#L134).

Thus it turns out that different replicas store different state values.
I think removing this line would solve my problem: https://github.com/panva/node-openid-client/blob/ea792096834f285e1457947cc5b617bf6efeed95/lib/passport_strategy.js#L134
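A simplified model of the flow discussed in this thread, added here as an example; it is not code from the issue or from node-openid-client. `SessionStore`, `Replica`, the session key and the returned labels are hypothetical. It shows a state value created on one replica, consumed once on another through a shared store, and the outcomes when the callback cannot see the session or the state is reused.

```javascript
const crypto = require('crypto');

// Constructed stand-in for a shared session backend (e.g. Redis behind express-session).
class SessionStore {
  constructor() { this.sessions = new Map(); }
  get(sid) { return this.sessions.get(sid) || {}; }
  set(sid, data) { this.sessions.set(sid, data); }
}

// Hypothetical replica: one app instance that only sees the store it was given.
class Replica {
  constructor(store, key = 'oidc:idp.example') { this.store = store; this.key = key; }

  // Start of authorization: persist a fresh state under the session key.
  begin(sid) {
    const state = crypto.randomBytes(16).toString('hex');
    const session = this.store.get(sid);
    session[this.key] = { state };
    this.store.set(sid, session);
    return state; // travels to the IdP and back in the redirect
  }

  // Callback: load the saved state, delete it from the session, then compare.
  callback(sid, returnedState) {
    const session = this.store.get(sid);
    const saved = session[this.key];
    if (!saved) return 'no-state-in-session';
    delete session[this.key]; // one-time use: removed as soon as the response arrives
    this.store.set(sid, session);
    const a = Buffer.from(saved.state), b = Buffer.from(String(returnedState));
    const ok = a.length === b.length && crypto.timingSafeEqual(a, b);
    return ok ? 'ok' : 'state-mismatch';
  }
}

function demo() {
  const shared = new SessionStore();
  const r1 = new Replica(shared), r2 = new Replica(shared);
  const s1 = r1.begin('sid-1');
  const crossReplica = r2.callback('sid-1', s1); // other replica, same store
  const replay = r1.callback('sid-1', s1);       // state was already consumed
  const r3 = new Replica(new SessionStore());    // replica that cannot see the session
  const isolated = r3.callback('sid-1', s1);
  r1.begin('sid-2');
  const wrongState = r2.callback('sid-2', 'not-the-issued-state');
  return { crossReplica, replay, isolated, wrongState };
}

console.log(demo());
```

In this model the delete step does not prevent a second replica from completing the flow; a callback fails only when the handling replica cannot read the session written at the start of authorization.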