
[BUG] Unable to log in with OIDC. Redirects back to login page.

Open Sgt-Ogre opened this issue 1 year ago • 3 comments

If you have problems with the installation please use our community forum

What set up are you using

  • [ ] Cloud Hosted Version
  • [ x ] Self Hosted

Describe the bug When attempting to log in with OIDC user after initial setup I get redirected to the login screen after IDP login. The user gets created but I am unable to log in with that user.

To Reproduce Steps to reproduce the behavior:

  1. Setup OIDC configuration
  2. Log in using the OIDC Login button
  3. After login you will be redirected to login page
  4. User gets created and can be seen on the admin side.

Expected behavior User is forwarded to dashboard

Leantime Version Latest Docker image pulled last night

Server NGINX reverse Proxy

PHP / MySQL Version mysql docker 8.0

Additional context Using authentik as the IDP

Sgt-Ogre avatar May 24 '24 15:05 Sgt-Ogre

I'm also having a similar issue getting Keycloak OIDC to work

samuk avatar Jun 05 '24 19:06 samuk

Hello!

I think I've found out why this is happening. The SID cookie is now set with the SameSite restriction as Strict, which prevents the web browser from sending it when you're hitting the callback URL.

According to my tests, changing this restriction to Lax seems to fix the issue.

You can change this line on Leantime v3.1.4 to patch this issue:

->withSameSite('Lax')

@marcelfolaron Would your PR also fix this issue? Or should I create a new one?

Best regards

sy-gpe avatar Jun 12 '24 10:06 sy-gpe
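
The SameSite behaviour described in the comment above, as an added example that is not part of the thread or of Leantime's code: a simplified model of the browser rule applied to the OIDC callback navigation. Host names and paths are constructed, `siteOf` approximates site matching without the Public Suffix List, and the POST rows go beyond the thread to cover an IdP that returns the response with `response_mode=form_post`.

```javascript
// Added example: simplified model of the browser's SameSite check.
// Hosts and paths below are constructed placeholders.

// Approximates "site" as scheme + last two host labels (assumption:
// real browsers consult the Public Suffix List instead).
function siteOf(url) {
  const u = new URL(url);
  return u.protocol + '//' + u.hostname.split('.').slice(-2).join('.');
}

// Would a cookie with this SameSite value be attached to a top-level
// navigation to `target` that was initiated from `initiator`?
function cookieSent(sameSite, initiator, target, method) {
  if (siteOf(initiator) === siteOf(target)) return true; // same-site
  switch (sameSite) {
    case 'Strict': return false; // never on cross-site requests
    case 'Lax': return method === 'GET' || method === 'HEAD'; // safe methods only
    case 'None': return true; // real browsers also require Secure
    default: throw new Error('unknown SameSite value: ' + sameSite);
  }
}

const IDP_AUTH = 'https://sso.example.net/authorize';
const APP_CALLBACK = 'https://leantime.example.org/oidc/callback';

// The IdP sends the browser back to the app, so the callback request is
// initiated from the IdP's site. Returns true if the session cookie set
// when the login started reaches the callback.
function callbackSeesSession(sameSite, method = 'GET') {
  return cookieSent(sameSite, IDP_AUTH, APP_CALLBACK, method);
}

// One row per cookie policy and callback method.
function matrix() {
  const rows = [];
  for (const policy of ['Strict', 'Lax', 'None']) {
    for (const method of ['GET', 'POST']) {
      rows.push({ policy, method, sent: callbackSeesSession(policy, method) });
    }
  }
  return rows;
}

console.table(matrix());
```

With `Strict` the cookie is missing on the callback for both methods; `Lax` restores it for the usual GET redirect while still withholding it from cross-site POSTs.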

Hey, yes the latest PR changes this back to Lax

marcelfolaron avatar Jun 13 '24 12:06 marcelfolaron