[Koha-bugs] [Bug 34755] Error authenticating to external OpenID Connect (OIDC) identity provider : wrong_csrf_token
bugzilla-daemon at bugs.koha-community.org
Fri Mar 1 00:47:10 CET 2024
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34755
--- Comment #17 from David Cook <dcook at prosentient.com.au> ---
(In reply to David Cook from comment #16)
> I was trying my best to break my sessions, and I did manage to reproduce the
> problem, but I can't recall exactly how.
>
> So I'm going to keep trying again (more carefully).
Ok so one way to do it would be to do the following:
1. Go to http://localhost:8080
2. Click "Log in with Keycloak" but don't log in
3. In a new tab, go to http://localhost:8080, and do a local login
4. Log out of the local login
5. Go back to original tab and complete the Keycloak login
You'll get a wrong_csrf_token because the CGISESSID cookie value has changed.
An anonymous user becoming an authenticated user will keep the same session ID,
but an authenticated user becoming an anonymous user will lose their session
ID.
You should be getting the wrong_csrf_token warning in this case.
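A toy model of the five steps in comment #17, added here as an illustration and not Koha's code. It assumes the token carried through the OIDC round trip is an HMAC over the session cookie value; the `Server` class, its methods and `flow` are hypothetical names, and only the `wrong_csrf_token` result and the session-ID behaviour come from the comment.

```python
import hashlib, hmac, secrets

SECRET = secrets.token_bytes(32)  # constructed server-side key (assumption)

class Server:
    """Hypothetical model: the OIDC state token is bound to the session ID."""
    def __init__(self):
        self.sessions = {}  # session ID -> logged-in user, or None if anonymous

    def visit(self, cookie=None):
        # Reuse a known session, otherwise issue a fresh anonymous one.
        if cookie not in self.sessions:
            cookie = secrets.token_hex(16)
            self.sessions[cookie] = None
        return cookie

    def state_for(self, cookie):
        # Assumed binding: token = HMAC(server key, session cookie value).
        return hmac.new(SECRET, cookie.encode(), hashlib.sha256).hexdigest()

    def local_login(self, cookie, user):
        self.sessions[cookie] = user  # anonymous -> authenticated keeps the ID
        return cookie

    def logout(self, cookie):
        del self.sessions[cookie]     # authenticated -> anonymous drops the ID
        return self.visit()           # the browser is handed a new cookie

    def oidc_callback(self, cookie, state):
        if not hmac.compare_digest(self.state_for(cookie), state):
            return "wrong_csrf_token"
        self.sessions[cookie] = "keycloak-user"
        return "ok"

def flow(local_login=False, logout=False):
    # Both tabs share one cookie jar, so a single `cookie` variable models them.
    s = Server()
    cookie = s.visit()                                # step 1
    state = s.state_for(cookie)                       # step 2: IdP login left pending
    if local_login:
        cookie = s.local_login(cookie, "local-user")  # step 3: second tab
    if logout:
        cookie = s.logout(cookie)                     # step 4
    return s.oidc_callback(cookie, state)             # step 5: back in the first tab
```

Calling `flow(local_login=True)` still succeeds because the session ID survives the login; only the logout in step 4 invalidates the pending token.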