mehmetcuneyit commented on PR #8068: URL: https://github.com/apache/apisix/pull/8068#issuecomment-1578349554
> > @tzssangglass nice! Following workaround in APISIX helm chart values fixes problem in 2.15.1: > > ```yaml > > configurationSnippet: > > httpSrv: | > > set $session_secret 0123456789a5bac9bb3c868ec8b202e93; > > ``` > > Hi all, I tried to use the workaround. > > Now in my values.yaml for apisix helm chart I have: > > ``` > # Custom configuration snippet. > configurationSnippet: > main: | > > httpStart: | > > httpEnd: | > > httpSrv: | > set $session_secret 0123456789a5bac9bb3c868ec8b202e93; > > httpAdmin: | > > stream: | > > # Observability configuration. > ``` > > Still I get a "openid-connect exits with http status code 500" error from the openid-connect plugin. > > ``` > 2022/12/24 12:44:45 [warn] 47#47: *581337 [lua] v3.lua:716: request_chunk(): http://apisix-etcd.apisix.svc.cluster.local:2379: failed to parse domain: failed to parse domain. Retrying, context: ngx.timer > 2022/12/24 12:47:11 [warn] 47#47: *666008 [lua] v3.lua:716: request_chunk(): http://apisix-etcd.apisix.svc.cluster.local:2379: failed to parse domain: failed to parse domain. Retrying, context: ngx.timer > 2022/12/24 12:48:22 [error] 50#50: *673065 [lua] openidc.lua:1100: authenticate(): state from argument: 75f1ea8eb72acd29e847e4afe36ca426 does not match state restored from session: a1072f4e1facdf0e90714bbd6163ea0e, client: 127.0.0.6, server: _, request: "GET /*?state=75f1ea8eb72acd29e847e4afe36ca426&session_state=aff4d9a9-1641-455d-b368-6f13c2925c32&code=9de7dc09-e3db-4507-a4be-51c4b57de1aa.aff4d9a9-1641-455d-b368-6f13c2925c32.84a0adb8-9534-4db9-9e55-7675c11e5b76 HTTP/1.0", host: "apisix.h.net" > 2022/12/24 12:48:22 [error] 50#50: *673065 [lua] openid-connect.lua:315: phase_func(): OIDC authentication failed: state from argument does not match state restored from session, client: 127.0.0.6, server: _, request: "GET /*?state=75f1ea8eb72acd29e847e4afe36ca426&session_state=aff4d9a9-1641-455d-b368-6f13c2925c32&code=9de7dc09-e3db-4507-a4be-51c4b57de1aa.aff4d9a9-1641-455d-b368-6f13c2925c32.84a0adb8-9534-4db9-9e55-7675c11e5b76 HTTP/1.0", host: "apisix.h.net" > 2022/12/24 12:48:22 [warn] 50#50: *673065 [lua] plugin.lua:934: run_plugin(): openid-connect exits with http status code 500, client: 127.0.0.6, server: _, request: "GET /*?state=75f1ea8eb72acd29e847e4afe36ca426&session_state=aff4d9a9-1641-455d-b368-6f13c2925c32&code=9de7dc09-e3db-4507-a4be-51c4b57de1aa.aff4d9a9-1641-455d-b368-6f13c2925c32.84a0adb8-9534-4db9-9e55-7675c11e5b76 HTTP/1.0", host: "apisix.h.net" > ``` > > What I'm doing wrong? Change 'set $session_secret' -> 'set $session_redis_password' , the lua-resty-session lib updated [this field](https://github.com/bungle/lua-resty-session#redis-configuration) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
