Does not match state restored from session #168

@MelnykVL

Description

Hi,

I have a problem with the session state.

Installed rocks

Rocks installed for Lua 5.1
---------------------------

lua-resty-http
   0.17.1-0 (installed) - /usr/local/openresty/luajit/lib/luarocks/rocks-5.1

lua-resty-jwt
   0.2.3-0 (installed) - /usr/local/openresty/luajit/lib/luarocks/rocks-5.1

lua-resty-openidc
   1.7.6-3 (installed) - /usr/local/openresty/luajit/lib/luarocks/rocks-5.1

lua-resty-openssl
   0.8.22-1 (installed) - /usr/local/openresty/luajit/lib/luarocks/rocks-5.1

lua-resty-session
   3.10-1 (installed) - /usr/local/openresty/luajit/lib/luarocks/rocks-5.1

Steps to reproduce:

  1. Open the app page (http://localhost); you will be redirected to the Keycloak login page. Duplicate that tab:
    tab 1 - http://host.docker.internal:8888/auth/realms/myrealm/protocol/openid-connect/auth?redirect_uri=http%3A%2F%2Flocalhost%2Fredirect_uri&scope=openid%20email%20profile&state=93172aa3186bac0757a2da4533efcb29&nonce=11f28c0fec4ce010a2a3b69a61df71ce&client_id=openresty-proxy&response_type=code
    tab 2 - http://host.docker.internal:8888/auth/realms/myrealm/protocol/openid-connect/auth?redirect_uri=http%3A%2F%2Flocalhost%2Fredirect_uri&scope=openid%20email%20profile&state=93172aa3186bac0757a2da4533efcb29&nonce=11f28c0fec4ce010a2a3b69a61df71ce&client_id=openresty-proxy&response_type=code
  2. Log in on the first tab; after the user is logged in, reload the second tab.

Actual result from second tab:
[screenshots]

Logs from Docker:
2023/05/17 11:02:06 [error] 1#1: *58 [lua] openidc.lua:1106: authenticate(): state from argument: 93172aa3186bac0757a2da4533efcb29 does not match state restored from session: nil, client: 172.19.0.1, server: localhost, request: "GET /redirect_uri?state=93172aa3186bac0757a2da4533efcb29&session_state=79a2ac8f-f56a-434b-aabc-22d3fa78458a&code=635d4b4f-e024-439a-accd-9b0027f390b4.79a2ac8f-f56a-434b-aabc-22d3fa78458a.49699e6d-791b-4bc9-8a68-c9bc7f29742c HTTP/1.1", host: "localhost"
Expected result:
Redirect to the app (http://localhost)

Can I change this behavior?

Thanks
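The log line above is the relying party's CSRF check on the authorization-code callback: the `state` the IdP echoes back must equal the `state` stored in the browser's session when the login was started. Once the first tab's callback succeeds, that login session is replaced by the authenticated session, so the duplicated tab's callback finds no `state` at all (`nil` in the log). The following Python model, added here and not part of lua-resty-openidc or the original report, reproduces that sequence with an in-memory session store and a stand-in IdP. Function names, the `sessions` dict, the cookie values and the codes are constructed for illustration; only the issuer, client id and redirect URI values mirror the URLs in the report.

```python
import secrets
from urllib.parse import urlencode, parse_qs, urlparse

# Constants taken from the report's URLs; nothing here contacts a real Keycloak.
ISSUER = "http://host.docker.internal:8888/auth/realms/myrealm/protocol/openid-connect"
CLIENT_ID = "openresty-proxy"
REDIRECT_URI = "http://localhost/redirect_uri"


class StateMismatch(Exception):
    """Raised when the callback's state does not match the session's state."""


def begin_login(sessions, cookie, original_url):
    """Start the code flow for the browser identified by `cookie` (hypothetical store).

    A fresh, unguessable `state` is stored in the server-side session; the IdP
    must echo it back on the callback, which binds the callback to this browser
    and rejects callbacks that were not initiated by it.
    """
    state = secrets.token_hex(16)
    nonce = secrets.token_hex(16)
    sessions[cookie] = {"state": state, "nonce": nonce, "original_url": original_url}
    query = {
        "redirect_uri": REDIRECT_URI, "scope": "openid email profile",
        "state": state, "nonce": nonce,
        "client_id": CLIENT_ID, "response_type": "code",
    }
    return f"{ISSUER}/auth?{urlencode(query)}"


def handle_redirect(sessions, cookie, callback_url):
    """Process /redirect_uri: verify state, then replace the login session."""
    params = {k: v[0] for k, v in parse_qs(urlparse(callback_url).query).items()}
    session = sessions.get(cookie) or {}
    if params.get("state") is None or params.get("state") != session.get("state"):
        raise StateMismatch(
            f"state from argument: {params.get('state')} does not match "
            f"state restored from session: {session.get('state')}")
    # The code-for-token exchange is out of scope for this model. The key point:
    # the login session (with its state) is consumed and replaced by an
    # authenticated session, so the same state can never be accepted twice.
    sessions[cookie] = {"authenticated": True, "code_seen": params["code"]}
    return session["original_url"]


def request_app(sessions, cookie, url):
    """Model a request to the protected app: serve if authenticated, else start login."""
    if sessions.get(cookie, {}).get("authenticated"):
        return ("serve", url)
    return ("redirect", begin_login(sessions, cookie, url))


def fake_idp_callback(auth_url, code):
    """Stand-in IdP: echo the request's state back to redirect_uri with a code."""
    q = {k: v[0] for k, v in parse_qs(urlparse(auth_url).query).items()}
    return f"{q['redirect_uri']}?{urlencode({'state': q['state'], 'code': code})}"


def two_tab_scenario():
    """Reproduce the report: both tabs carry the same state; only the first can win."""
    sessions, cookie = {}, "browser-session-cookie"   # constructed values
    _, auth_url = request_app(sessions, cookie, "http://localhost/")
    tab1, tab2 = auth_url, auth_url                    # the tab was duplicated
    first = handle_redirect(sessions, cookie, fake_idp_callback(tab1, "code-1"))
    try:
        handle_redirect(sessions, cookie, fake_idp_callback(tab2, "code-2"))
        second = None
    except StateMismatch as exc:
        second = str(exc)
    # Reloading the app URL (not the IdP callback) in the second tab succeeds,
    # because the shared cookie now points at an authenticated session.
    after = request_app(sessions, cookie, "http://localhost/")
    return first, second, after


def foreign_state_is_rejected():
    """A callback whose state was not minted for this session is refused."""
    sessions, cookie = {}, "browser-session-cookie"
    begin_login(sessions, cookie, "http://localhost/")
    other = f"{REDIRECT_URI}?{urlencode({'state': 'a' * 32, 'code': 'other-code'})}"
    try:
        handle_redirect(sessions, cookie, other)
        return False
    except StateMismatch:
        return True


if __name__ == "__main__":
    print(two_tab_scenario())
    print(foreign_state_is_rejected())
```

In the model, as in the log, the second tab fails with `state restored from session: None` because the first callback already consumed the login state; a reload of the application URL in that tab is served from the now-authenticated session.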
