You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Setting config.session_secret (even to a correct base64 encoded value) breaks the plugin if the $session_secret variable has not been set on Kong.
The problem disappears if you set it first on Kong (I use it in a docker environment where you can set it with the following ENV variable KONG_NGINX_PROXY_SET: "$$session_secret <yoursecret>") but then I'm not sure why you would set it through the plugin in the first place.
Couldn't that whole feature be dropped and a recommendation to set a session_secret in your Kong configuration be added in the documentation?
As a side-note, we encountered that problem when trying to fix an issue where loading static files for Kibana behind Kong would fail, thus leading us to #78 and after some more research to #1 where we discovered that setting session_secret properly on Kong itself would solve all our issues.
Thanks.
The text was updated successfully, but these errors were encountered:
Hello @asjongers!
This is really great comment and seems you've fixed issue with request to the redirect_uri_path but there's no session state found after redirect.
I've been using kong as part of docker setup and added that environment variable without adding session_secret to the plugin. But whenever i add both - i have error kong error 500.
Can you please give more detailed information how did you fix an issue?
Some information about my setup:
In our case, we stopped using config.session_secret as it would just end up overriding the one already set but if you really do need to set one, make sure you provide a properly base64 encoded secret or your service will probably end up sending a 500 response because of this if clause:
if config.session_secret then
local decoded_session_secret = ngx.decode_base64(config.session_secret)
if not decoded_session_secret then
utils.exit(500, "invalid OIDC plugin configuration, session secret could not be decoded", ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR))
end
ngx.var.session_secret = decoded_session_secret
end
If it's not already the case, try setting config.session_secret to a proper base64 encoded secret and see if it works! You could use this website to generate one.
Hi,
Setting
config.session_secret
(even to a correct base64 encoded value) breaks the plugin if the $session_secret variable has not been set on Kong.The problem disappears if you set it first on Kong (I use it in a docker environment where you can set it with the following ENV variable
KONG_NGINX_PROXY_SET: "$$session_secret <yoursecret>"
) but then I'm not sure why you would set it through the plugin in the first place.Couldn't that whole feature be dropped and a recommendation to set a session_secret in your Kong configuration be added in the documentation?
As a side-note, we encountered that problem when trying to fix an issue where loading static files for Kibana behind Kong would fail, thus leading us to #78 and after some more research to #1 where we discovered that setting session_secret properly on Kong itself would solve all our issues.
Thanks.
The text was updated successfully, but these errors were encountered: