Re: [I] bug: Two sessions shown when using openid-connect [apisix]

via GitHub Tue, 24 Dec 2024 01:23:37 -0800


yardenshoham commented on issue #11711:
URL: https://github.com/apache/apisix/issues/11711#issuecomment-2560889139


   Looks like it's happening because the session is too large. You could reduce 
it's size by adding this config to the plugin:
   
   ```yaml
   openid-connect:
     ...
     bearer_only: false
     # this comes from https://github.com/zmartzone/lua-resty-openidc, if this 
is missing, all information will be stored in the session. This
     # causes the cookies to be too large and the request to fail. We have 
control over id_token, user, enc_id_token, and access_token.
     # We currently include only access_token in the session. If this gets too 
big we can remove it as well.
     session_contents: 
       access_token: true
     session:
       secret: "NTgzZWY1MzAtOTcyNi00MzA5LWI1MjItNjFhMzI2NzRkZWQxCg==" # used 
`uuidgen|base64` to generate this secret
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Re: [I] bug: Two sessions shown when using openid-connect [apisix]

Reply via email to