Failed to get user #588

Open
SOG-web opened this issue Dec 18, 2024 · 3 comments

@SOG-web

SOG-web commented Dec 18, 2024

I keep getting this response; I am using an in-memory session store:
{"status":"error","message":"Failed to get user: could not find a matching session for this request"}

@thirtified

Is it possible that you are changing your gothic.Store at some point during the flow? This would explain why a session can not be found.

Otherwise you may want to provide a few more details on your implementation for us to analyse, cheers.

@stecullum

I'm getting the exact same error, but only when using Safari.

  • Chrome works fine for google/keycloak (openid-connect)
  • Safari fails for google/keycloak (openid-connect)
  • I've set all my callbacks / redirects to "127.0.0.1" and in the case of keycloak (both are on same host)
    ..

The Basic setup

store := sessions.NewCookieStore([]byte(env.AppConfig.COOKIE_ENCRYPTION_KEY))
store.MaxAge(86400 * 30)
store.Options.Path = "/"
store.Options.HttpOnly = true // HttpOnly should always be enabled
store.Options.Secure = true
store.Options.SameSite = http.SameSiteNoneMode

gothic.Store = store

goth.UseProviders(
	google.New(env.AppConfig.GOOGLE_CLIENT_ID, env.AppConfig.GOOGLE_CLIENT_SECRET, env.AppConfig.GOOGLE_AUTH_CALLBACK, "profile", "email"),
)

openidConnect, _ := openidConnect.New("goth-client",
	"**random secret**",
	"http://127.0.0.1:3001/auth/openid-connect/callback",
	"http://127.0.0.1:8181/realms/my-demo/.well-known/openid-configuration")
if openidConnect != nil {
	goth.UseProviders(openidConnect)
}

//
// FailurePoint ...
//
// GetFromSession retrieves a previously-stored value from the session.
// If no value has previously been stored at the specified key, it will return an error.
func GetFromSession(key string, req *http.Request) (string, error) {
	session, _ := Store.Get(req, SessionName)

	// ^^^^ session looks valid but values is always empty on Safari ( see below for example )

	value, err := getSessionValue(session, key)
	if err != nil {
		return "", errors.New("could not find a matching session for this request")
	}

	return value, nil
}

Session Example ..from getSessionValue(session, key)

Options: *sessions.Options {
   sessions.Options {Path: "/", Domain: "", MaxAge: 2592000, Secure: true, HttpOnly: true, Partitioned: false, SameSite: SameSiteNoneMode (4)
}
Secure: true
IsNew: true
name: "_gothic_session"
Values = map[interface {}]interface {} []

In the Safari browser there is never the internal __gothic_session

Chrome...

Image

Safari.. is empty

Hope that helps

@thirtified

Did you try out using other SameSite settings for the CookieStore, e.g. SameSiteLaxMode? I vaguely remember that this made a difference for me in certain browser/provider configurations.
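
The cookie attributes discussed in this thread, as an added Go example that is not part of the issue or of goth's own code: it renders the Set-Cookie header for the posted settings and for a Lax variant, and flags combinations where the attributes disagree with the callback scheme. The names `cookiePolicy`, `isHTTPS`, `policyFor`, `audit` and `header` are hypothetical, it uses only `net/http` rather than the gorilla/sessions store, and it assumes the Secure/http mismatch matters for the browser difference, which the thread does not confirm.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
)

// cookiePolicy holds the two session-cookie attributes the thread is tuning.
type cookiePolicy struct {
	Secure   bool
	SameSite http.SameSite
}

// isHTTPS reports whether the callback URL is served over TLS.
func isHTTPS(callback string) bool {
	u, err := url.Parse(callback)
	return err == nil && u.Scheme == "https"
}

// policyFor (hypothetical helper) sets Secure only for HTTPS callbacks and uses SameSite=Lax.
func policyFor(callback string) cookiePolicy {
	return cookiePolicy{Secure: isHTTPS(callback), SameSite: http.SameSiteLaxMode}
}

// audit lists attribute combinations a browser may refuse to store (assumed cause, see lead-in).
func audit(callback string, p cookiePolicy) []string {
	var issues []string
	if p.Secure && !isHTTPS(callback) {
		issues = append(issues, "Secure cookie on an http:// callback")
	}
	if p.SameSite == http.SameSiteNoneMode && !p.Secure {
		issues = append(issues, "SameSite=None without Secure")
	}
	return issues
}

// header renders the Set-Cookie value for a constructed session cookie.
func header(p cookiePolicy) string {
	c := http.Cookie{Name: "_gothic_session", Value: "constructed", Path: "/",
		HttpOnly: true, Secure: p.Secure, SameSite: p.SameSite}
	return c.String()
}

func main() {
	cb := "http://127.0.0.1:3001/auth/openid-connect/callback" // callback URL from the thread
	posted := cookiePolicy{Secure: true, SameSite: http.SameSiteNoneMode}
	fmt.Println(header(posted), audit(cb, posted))
	fmt.Println(header(policyFor(cb)), audit(cb, policyFor(cb)))
}
```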
