Details

    • Steps to Reproduce:
      Hide

      Run Gatekeeper from docker image:
      > docker run -it --rm --network host keycloak/keycloak-gatekeeper --listen=127.0.0.1:3000 --upstream-url=http://localhost:12080 --discovery-url=<redacted> --client-id=<redacted> --client-secret=<redacted> --redirection-url=http://localhost:3000 --enable-default-deny=true --resources="uri=/*|groups=/admins" --secure-cookie=false --enable-metrics=true --enable-security-filter=true

      Navigate to http://localhost and perform authentication.

      Show
      Run Gatekeeper from docker image: > docker run -it --rm --network host keycloak/keycloak-gatekeeper --listen=127.0.0.1:3000 --upstream-url= http://localhost:12080 --discovery-url=<redacted> --client-id=<redacted> --client-secret=<redacted> --redirection-url= http://localhost:3000 --enable-default-deny=true --resources="uri=/*|groups=/admins" --secure-cookie=false --enable-metrics=true --enable-security-filter=true Navigate to http://localhost and perform authentication.
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      After a successful authentication on the ID provider the authentication callback handler logs the following warning:
      1.5435725238107662e+09 warn unable to decode the state parameter

      {"state": "629f44c2-6790-42ac-b62f-d14c00b070a7", "error": "illegal base64 data at input byte 8"}

      It is probably related to this pull request:
      https://github.com/keycloak/keycloak-gatekeeper/pull/433

      Marked as security sensitive since I'm not sure if this affects state validation.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  abstractj Bruno Oliveira da Silva
                  Reporter:
                  frodei Frode Ingebrigtsen
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: