Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

missing session cookie - from lua resty openidc #184

Open
dhavalkshah opened this issue Oct 7, 2024 · 1 comment
Open

missing session cookie - from lua resty openidc #184

dhavalkshah opened this issue Oct 7, 2024 · 1 comment

Comments

@dhavalkshah
Copy link

Context:
I am trying to use Kong + OpenIDC (Custom plugin), based on nokia/kong-oidc
The setup is using docker desktop.

I run luarocks install lua-resty-openidc while building the custom kong image.

Following the code-snippet from my handler.lua:

local res, err = require("resty.openidc").authenticate(oidcConfig)
    if err then
        if oidcConfig.recovery_page_path then
            ngx.log(ngx.NOTICE, "Entering recovery page: " .. oidcConfig.recovery_page_path)
            ngx.redirect(oidcConfig.recovery_page_path)
        end
        utils.exit(500, err, ngx.HTTP_INTERNAL_SERVER_ERROR)
    end

I get the following error:
attempt to call method 'start' (a nil value), client: 172.18.0.1, server: kong, request: "GET /mock HTTP/1.1", host: "localhost:8000", request_id: "7df8870a8d3fa916cf1c5a540f2b9f3f"

I figured that it was from session:start() present in openidc.
It seemed that session was not getting initialized, so I tried similar in my local handler.lua.
Following is the code from my local handler.lua (inspired from openidc)

    local session, err, ret = require("resty.session").open(nil)
    if (session ~= nil) then
        ngx.log(ngx.NOTICE,"session is not nil")
        ngx.log(ngx.DEBUG,
            "session.present=", session.present,
            ", session.data.id_token=", session.data.id_token ~= nil,
            ", session.data.authenticated=", session.data.authenticated,
            ", err=", err,
            ", ret=",ret
        )
        session:start()
    else
        ngx.log(ngx.NOTICE, "Session is nil")
    end

I observe that session is not null and err is printed is as "missing session cookie".
Here is the snippet of the logs

2024-10-07 11:16:12 2024/10/07 05:46:12 [notice] 2413#0: *20313 [lua] handler.lua:73: make_oidc(): OidcHandler calling authenticate, requested path: /mock, client: 172.18.0.1, server: kong, request: "GET /mock HTTP/1.1", host: "localhost:8000", request_id: "7df8870a8d3fa916cf1c5a540f2b9f3f"
2024-10-07 11:16:12 2024/10/07 05:46:12 [notice] 2413#0: *20313 [lua] handler.lua:76: make_oidc(): session is not nil, client: 172.18.0.1, server: kong, request: "GET /mock HTTP/1.1", host: "localhost:8000", request_id: "7df8870a8d3fa916cf1c5a540f2b9f3f"
2024-10-07 11:16:12 2024/10/07 05:46:12 [debug] 2413#0: *20313 [lua] handler.lua:77: make_oidc(): session.present=nil, session.data.id_token=false, session.data.authenticated=nil, err=missing session cookie, ret=false
2024-10-07 11:16:12 2024/10/07 05:46:12 [error] 2413#0: *20313 [kong] init.lua:426 [fountane-oidc] ...cal/share/lua/5.1/kong/plugins/fountane-oidc/handler.lua:84: attempt to call method 'start' (a nil value), client: 172.18.0.1, server: kong, request: "GET /mock HTTP/1.1", host: "localhost:8000", request_id: "7df8870a8d3fa916cf1c5a540f2b9f3f"

Not sure what am I missing here.
Any pointers are appreciated.
@chrissnell
Copy link

I'm having the identical issue. Interested to see if you ever figured it out. It seems like the cookie cannot be read by resty.session when the request comes in. I see the client presenting the cookie but the read fails. I am using lua-resty-session within Kong 3.9 and this fork of kong-oidc.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chrissnell @dhavalkshah