mhammoudoddo commented on issue #12360: URL: https://github.com/apache/apisix/issues/12360#issuecomment-3116764028
> Yes, as I already explained in my previous comment: _due to lua-resty-openidc library being unable to handle the state of 2 or more concurrent login sessions from different tabs of the same browser (see [zmartzone/lua-resty-openidc#482](https://github.com/zmartzone/lua-resty-openidc/issues/482))_. > > However, Apisix could help mitigating the effect of this issue as I suggested before: _what apisix openid-plugin can do in this case is to catch the error coming from the library and redirect the browser to the originally requested redirect_uri_. > > Since the error happens only at the end of the auth process, the user is in fact already logged in and redirecting the browser to any page works fine; IMHO returning a 500 error page in this case may not be be the best UX possible. > > In my setup I was able to work it around with this rule: > > "response-rewrite": { > "_meta": { > "disable": false, > "filter": [ > "AND", > ["uri", "~~", "^/callback$"], > ["status", "==", 500] > ] > }, > "status_code": 307, > "headers": { > "set": { > "Location": "/" > } > } > } > But unfortunately I do not have the exact `redirect_uri` available here and this would catch any 500 error from that page which is not so precise compared to catching the error in the code. Hello , Could you please provide me the full config ? i'm having the same issue and i want a workaround -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
