Issue with refresh token with version 2.4.15.7 #1265
Replies: 3 comments
-
please read https://github.com/OpenIDC/mod_auth_openidc/wiki/Known-Limitations |
Beta Was this translation helpful? Give feedback.
-
Thanks for quick response. just checking are you trying to suggest - |
Beta Was this translation helpful? Give feedback.
-
the vast majority of use cases don't actually need |
Beta Was this translation helpful? Give feedback.
-
Hi OpenIDC team + community,
We recently upgraded our last Sunday to mod_auth_openidc version to 2.4.15.7 which causes now some troubles in a clustered environment (with 4 nodes).
Apache version: apache-2.4.58
mod_auth_openidc: 2.4.15.7
backend application : spring boot 5.3.29
Issue:
The issue is, Initially the user successfully logins into the spring application after authenticating via IDP (apache/mod_auth_openidc) and be able to access the different pages of this application.
After sometime, The users are getting kicked out from the current sessions with 500 internal server error. Even with the page refresh, it doesn't allow them to login back and unable to access app.
After 5 mins, when the user refreshes the same page on the same tab, it get redirect to authentication for fresh authentication.
Debug Log:
We have found the following error logs from server side:
2024-09-17 17:03:17.942139 auth_openidc:debug <CLIENT_IP>:0 ZumoRWewIYslUkQHy-6ItQAAEzY oidc_http_call: set HTTP request header User-Agent to: [:1362:1299700] mod_auth_openidc-2.4.15.7 libcurl-7.77.0 OpenSSL 1.1.1q 5 Jul 2022
2024-09-17 17:03:18.014723 auth_openidc:debug <CLIENT_IP>:0 ZumoRWewIYslUkQHy-6ItQAAEzY oidc_http_call: HTTP response code=400
2024-09-17 17:03:18.014764 auth_openidc:debug <CLIENT_IP>:0 ZumoRWewIYslUkQHy-6ItQAAEzY oidc_http_call: response={"error_description":"grant is invalid","error":"invalid_grant"}
2024-09-17 17:03:18.015019 auth_openidc:error <CLIENT_IP>:0 ZumoRWewIYslUkQHy-6ItQAAEzY oidc_util_json_string_print: oidc_util_check_json_error: response contained an "error" entry with value: ""invalid_grant""
2024-09-17 17:03:18.015057 auth_openidc:error <CLIENT_IP>:0 ZumoRWewIYslUkQHy-6ItQAAEzY oidc_util_json_string_print: oidc_util_check_json_error: response contained an "error_description" entry with value: ""grant is invalid""
2024-09-17 17:03:18.015082 auth_openidc:error <CLIENT_IP>:0 ZumoRWewIYslUkQHy-6ItQAAEzY oidc_refresh_token_grant: access_token could not be refreshed with refresh_token: <REFERSH_TOKEN>
Could you please review and suggest a solution for this issue.
Beta Was this translation helpful? Give feedback.
All reactions