You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on May 22, 2024. It is now read-only.
- [x] bug report -> please search issues before submitting
- [ ] feature request
- [ ] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)
Minimal steps to reproduce
When leave the web open on browser after an hour, or open the browser; the web sometimes does GET //auth/redirect? and it shows an Internal Server Error.
Any log messages given by the failure
| [2022-09-12 18:35:48,924] ERROR in init: process_auth_redirect: security violation ('Failed to match request state with session state',)
backend | [2022-09-12 18:35:48,925] ERROR in app: Exception on /auth/redirect [GET]
backend | Traceback (most recent call last):
backend | File "/usr/local/lib/python3.8/site-packages/flask/app.py", line 2525, in wsgi_app
backend | response = self.full_dispatch_request()
backend | File "/usr/local/lib/python3.8/site-packages/flask/app.py", line 1822, in full_dispatch_request
backend | rv = self.handle_user_exception(e)
backend | File "/usr/local/lib/python3.8/site-packages/flask_cors/extension.py", line 165, in wrapped_function
backend | return cors_after_request(app.make_response(f(*args, **kwargs)))
backend | File "/usr/local/lib/python3.8/site-packages/flask/app.py", line 1820, in full_dispatch_request
backend | rv = self.dispatch_request()
backend | File "/usr/local/lib/python3.8/site-packages/flask/app.py", line 1796, in dispatch_request
backend | return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
backend | File "/usr/local/lib/python3.8/site-packages/ms_identity_web/flask_blueprint/init.py", line 44, in aad_redirect
backend | return id_web.process_auth_redirect(redirect_uri=url_for('.aad_redirect',_external=True),
backend | File "/usr/local/lib/python3.8/site-packages/ms_identity_web/init.py", line 40, in assert_adapter
backend | return f(self, *args, **kwargs)
backend | File "/usr/local/lib/python3.8/site-packages/ms_identity_web/init.py", line 127, in process_auth_redirect
backend | raise ase
backend | File "/usr/local/lib/python3.8/site-packages/ms_identity_web/init.py", line 105, in process_auth_redirect
backend | self._verify_state(req_params)
backend | File "/usr/local/lib/python3.8/site-packages/ms_identity_web/init.py", line 40, in assert_adapter
backend | return f(self, *args, **kwargs)
backend | File "/usr/local/lib/python3.8/site-packages/ms_identity_web/init.py", line 259, in _verify_state
backend | raise AuthSecurityError("Failed to match request state with session state")
backend | ms_identity_web.errors.AuthSecurityError: Failed to match request state with session state
backend | 150.172.230.173 - - [12/Sep/2022 18:35:48] "GET //auth/redirect?
Expected/desired behavior
Use the session cokies.
OS and Version?
Windows 7, 8 or 10. Linux (which distribution). macOS (Yosemite? El Capitan? Sierra?)
This issue is for a: (mark with an
x)Minimal steps to reproduce
Any log messages given by the failure
Expected/desired behavior
OS and Version?
Versions
Mention any other details that might be useful