You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@apisix.apache.org by "canob (via GitHub)" <gi...@apache.org> on 2023/05/27 04:46:51 UTC

[GitHub] [apisix] canob commented on issue #2426: bug：enable openid-connect plugin without redirect_uri got 500 error

canob commented on issue #2426:
URL: https://github.com/apache/apisix/issues/2426#issuecomment-1565205767

   > Hi @starsz I change the redirect_uri callback to "pathtoprotect"/callback and some times it just redirect to the Auth Server and others keep throwing 500 error (state not found), i cant figure out why, some toughts?
   
   Hi @Xarxavier,
   
   Did you find a solution for this?
   I'm experiencing a similar behavior of the one that you comment: when I'm not authenticated, I get the authentication page, do a succeded authentication, but after that, I get a 500 error.
   
   The URL is this one:
   http://keycloakurl/realms/myreal/protocol/openid-connect/auth?state=e00f033714f2087c5b902610990cf342&redirect_uri=http%3A%2F%2Fapisixurl%3A9080%2Fadd_note%2Fcallback&client_id=grafana-oauth&scope=openid%20email%20profile%20offline_access%20roles&nonce=119423136878333950d28060c3c51b05&response_type=code
   
   The strange thing is that if I remove the "callback" word of that URL, from the redirect_uri part, I get the response of the upstream API, authenticated:
   http://keycloakurl/realms/myreal/protocol/openid-connect/auth?state=e00f033714f2087c5b902610990cf342&redirect_uri=http%3A%2F%2Fapisixurl%3A9080%2Fadd_note&client_id=grafana-oauth&scope=openid%20email%20profile%20offline_access%20roles&nonce=119423136878333950d28060c3c51b05&response_type=code
   
   In my case, I'm trying to access to "http://apisixurl:9080/add_note", and as I saw in the documentation, I added a redirect_uri param with the value "http://apisixurl:9080/add_note/callback". My route is "/add_note*".
   
   As somebody mentioned before, I cannot set the same access url and redirect url, because that is not working for this plugin.
   
   Is there any piece of advice that you can give me to solve this? 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org