Hello, I found a similar issue here, but I believe that my case is different.
I have two rules. One for anonymous, one for a protected endpoint. All works just fine on the localhost.
The second deploy is on a private cloud with an external Edge Proxy (ALB). I deploy oathkeeper as a forward auth plugin.
I am stuck in a loop:
https://id.site.com/api/self-service/login?flow=f27eea3f-cb59-4290-9497-15cdf540d2d9 - 303
https://app.site.com/art/home - 302 <---------------- 302 not 200 !
https://id.site.com/login?return_to=https://app.site.com/art/home - 303
https://id.site.com/api/self-service/login/browser?aal=&refresh=&return_to=https%3A%2F%2Fapp.site.com%2 - 303
https://app.site.com/art/home - 302 <---------------- 302 not 200 !
I'm getting 302 on my app.site.com instead of 200, which I get on the localhost. The reason for that is the absence of Cookie: Cookie: csrf_token_xxxxxx.
How do I debug this situation? Why are my cookies getting trimmed?
My setup
https://id.site.com/api/ - kratos API
https://id.site.com/ - kratos UI
https://app.site.com - my protected app
I call oathkeeper inside my https://app.site.com this way:
My rules: