Hello Alessio, It's great to see another case of APISIX being combined with NodeRed! Although I haven't tested using APISIX to protect NodeRed myself (via OIDC), I can arrange some time with teammates to test and verify it. I'll keep you updated.
Additionally, we can schedule an online meeting to discuss this further after tomorrow, allowing us time to test first. You can check my availability here: https://calendar.app.google/HsJHyv4qnkxASeNU9 P.S. For anyone else interested in integrating APISIX with NodeRed, here's a post I wrote previously: https://api7.ai/blog/apache-apisix-and-node-red Best Regards Zhiyuan On Wed, Aug 14, 2024 at 2:10 AM Alessio Bernesco Làvore < alessio.berne...@gmail.com> wrote: > Hello, > i'm doing some tests using Apisix to provide access to different > instances of Nodered using proxy-rewrite, and everything works fine, > calling different routes pointing then to the different instances > dashboards. > > Now i'm trying to integrate OpenID authorization using Keycloak, and > if i call a single API (made with the HTTP node in Nodered everything > works fine). > > Trying to open the Nodered dashboard the page remains white and > watching the Apisix logs there are a lot of errors any time there's an > asset file to retrieve (ie js/css files). > > openidc.lua:1106: authenticate(): state from argument: > 91b8c9704acbc3116e434bb8e62c74d5 does not match state restored from > session: 9180612f39012e827f0f7c292749aa1e > openidc.lua:1484: authenticate(): request to the redirect_uri path but > there's no session state found > openid-connect.lua:555: phase_func(): OIDC authentication failed: > request to the redirect_uri path but there's no session state found > > I'm looking for a way to secure those Nodered installations behind > Apisix, and I'm looking for any hint on how to proceed. > > Greetings, > Alessio >
