Hello Zhiyuan, thank you for your kind response. Looking for more infos i found that the originating cause was:
openidc.lua:1106: authenticate(): state from argument: XXX does not match state restored from session: YYY i then find this case: https://github.com/zmartzone/lua-resty-openidc/issues/206 Adding this line: nginx_config: worker_processes: 1 at the bottom of the config.yaml for apisix now the problem is solved. What could be the possible impact of lowering the worker_processes from auto to 1? Greetings, Alessio On Wed, Aug 14, 2024 at 3:43 AM Zhiyuan Ju <juzhiy...@apache.org> wrote: > > Hello Alessio, > > It's great to see another case of APISIX being combined with NodeRed! > Although I haven't tested using APISIX to protect NodeRed myself (via > OIDC), I can arrange some time with teammates to test and verify it. I'll > keep you updated. > > Additionally, we can schedule an online meeting to discuss this further > after tomorrow, allowing us time to test first. You can check my > availability here: https://calendar.app.google/HsJHyv4qnkxASeNU9 > > P.S. For anyone else interested in integrating APISIX with NodeRed, here's > a post I wrote previously: https://api7.ai/blog/apache-apisix-and-node-red > Best Regards > Zhiyuan > > > On Wed, Aug 14, 2024 at 2:10 AM Alessio Bernesco Làvore < > alessio.berne...@gmail.com> wrote: > > > Hello, > > i'm doing some tests using Apisix to provide access to different > > instances of Nodered using proxy-rewrite, and everything works fine, > > calling different routes pointing then to the different instances > > dashboards. > > > > Now i'm trying to integrate OpenID authorization using Keycloak, and > > if i call a single API (made with the HTTP node in Nodered everything > > works fine). > > > > Trying to open the Nodered dashboard the page remains white and > > watching the Apisix logs there are a lot of errors any time there's an > > asset file to retrieve (ie js/css files). > > > > openidc.lua:1106: authenticate(): state from argument: > > 91b8c9704acbc3116e434bb8e62c74d5 does not match state restored from > > session: 9180612f39012e827f0f7c292749aa1e > > openidc.lua:1484: authenticate(): request to the redirect_uri path but > > there's no session state found > > openid-connect.lua:555: phase_func(): OIDC authentication failed: > > request to the redirect_uri path but there's no session state found > > > > I'm looking for a way to secure those Nodered installations behind > > Apisix, and I'm looking for any hint on how to proceed. > > > > Greetings, > > Alessio > >
