oidc-client-ts

Getting "No matching state found in storage" error

Open YogiDhingani27 opened this issue 1 year ago • 12 comments

When I try to visit a URL which has a code as a query param, authentication fails and gives this error.

Other URLs are working fine, for example: http://localhost:3004/integration

URL that is not working:

http://localhost:3000/integration?state=%7B%22uuid%22:%20%1234%22,%20%22platform%22:%20%22google%22%7D&code=1233434&scope=email%20profile%20https://www.googleapis.com/auth/userinfo.profile%20https://www.googleapis.com/auth/userinfo.email%20https://www.googleapis.com/auth/drive.readonly%20openid&authuser=0&hd=werwer.com&prompt=consent

Note: Except for URLs that have code as a query parameter, other URLs are working fine.

I want a code query parameter in my URL for OAuth-related authentication.

YogiDhingani27 avatar Apr 30 '24 12:04 YogiDhingani27

UserManager Configuration:

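```typescript
import { UserManager } from "oidc-client-ts";

export const userManager = new UserManager({
  authority: authority,
  client_id: clientId,
  // The page currently being visited is used as the redirect callback URL
  redirect_uri: window.location.origin + window.location.pathname,
  post_logout_redirect_uri: window.location.origin,
  monitorSession: true,
});
```

I'm using Keycloak for authentication.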

YogiDhingani27 avatar May 01 '24 03:05 YogiDhingani27

You will need to debug/log your specific application issue, using https://authts.github.io/oidc-client-ts/#md:logging.

When the authentication process starts, this library adds a state to the session storage; later, when the callback is received, this state must be found again.

Store: https://github.com/authts/oidc-client-ts/blob/main/src/OidcClient.ts#L145

Read: https://github.com/authts/oidc-client-ts/blob/main/src/OidcClient.ts#L159

pamapa avatar May 06 '24 12:05 pamapa

@pamapa I'm using Keycloak for authentication; there is nothing I can debug. Initially, when I hit the URL, Keycloak will automatically append the code to the URL for authentication purposes. So I think oidc is considering the wrong code for authentication, as mentioned above. I have two code keys.

And the above-mentioned URL is working if I'm using react-keycloak/web.

YogiDhingani27 avatar May 09 '24 11:05 YogiDhingani27

Are you doing a round trip every time you visit a page? You are using whatever page is visited as the redirect callback URL. How do you check if it's a redirect callback or not?

vvikene avatar Aug 01 '24 10:08 vvikene
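The check asked about in the comment above (is this URL a redirect callback or not), as an added example that is not code from the thread or from oidc-client-ts. The dedicated `/auth/callback` route, the `oidc.` storage key prefix, the `;` suffix delimiter, and the names `classifyUrl` and `makeStorage` are assumptions made for illustration.

```javascript
// Added example: classify a URL before handing it to the OIDC library.
// Assumptions (not from the thread): a dedicated callback route and
// state entries stored in session storage under the "oidc." key prefix.
const CALLBACK_PATH = "/auth/callback"; // hypothetical dedicated route
const STATE_PREFIX = "oidc.";           // assumed storage key prefix

// Minimal stand-in for window.sessionStorage so the example runs offline.
function makeStorage(entries) {
  const map = new Map(Object.entries(entries));
  return { getItem: (key) => (map.has(key) ? map.get(key) : null) };
}

function classifyUrl(href, storage) {
  const url = new URL(href);
  const params = url.searchParams;
  const state = params.get("state");
  const hasResponse = params.has("code") || params.has("error");

  // No authorization response parameters: an ordinary page visit.
  if (!state || !hasResponse) return "not-a-callback";

  // code/state on any other route belong to some other flow
  // (for example an application-level integration), not to our sign-in.
  if (url.pathname !== CALLBACK_PATH) return "foreign-params";

  // Assumed: the state id is the part before an optional ";" suffix.
  const id = state.split(";")[0];

  // The state must match one this browser stored when sign-in started;
  // an unknown state is a forged, replayed or stale response.
  return storage.getItem(STATE_PREFIX + id) !== null
    ? "signin-callback"
    : "unknown-state";
}

// Constructed sample inputs (not real codes or states).
const storage = makeStorage({ "oidc.abc123": "{}" });
const samples = [
  "http://localhost:3004/integration",
  "http://localhost:3000/integration?state=%7B%22platform%22%3A%22google%22%7D&code=constructed-code",
  "http://localhost:3000/auth/callback?state=abc123&code=constructed-code",
  "http://localhost:3000/auth/callback?state=zzz999&code=constructed-code",
];
for (const href of samples) {
  console.log(classifyUrl(href, storage), "<-", href);
}
```

Only a URL classified as `signin-callback` would be passed to `userManager.signinCallback()`; the other results are handled by the application itself.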

> Are you doing a round trip every time you visit a page? You are using whatever page is visited as the redirect callback URL. How do you check if it's a redirect callback or not?

I'm not checking the redirect URL. oidc is giving the error when you have a code query param in the URL.

YogiDhingani27 avatar Aug 09 '24 09:08 YogiDhingani27

Here is a video of the issue which you can refer to:

As you can see in this video, the issue occurs when the URL includes state and code as query params; for other cases it is working as expected.

keycloak-issue.webm

YogiDhingani27 avatar Aug 12 '24 06:08 YogiDhingani27

Hi @pamapa,

If the user includes state and code as query params in the URL, then it gives this error.

Can you please help me with how I can solve this issue?

Thanks!

YogiDhingani27 avatar Aug 12 '24 09:08 YogiDhingani27

Having the same issue

Hatko avatar Sep 04 '24 14:09 Hatko