Comments (3)
Wild guess: try setting the store's MaxLength
property to something large. It defaults to 4096 bytes (which may not be enough).
store.MaxLength = 10 * 1024
Edit: I think pgstore has it as a method:
store.MaxLength(10 * 1024)
YMMV
from goth.
I think I found the source of this issue while looking for a solution to my own problem.
Line 209 in f347ee3
This line is called every time you call CompleteUserAuth. It tries to place the AccessToken, RefreshToken, and ExpiresAt into the session weather you want it there or not. I commented this line out in the code and I was instantly able to get it working.
Like you I am not using the AccessToken. I am storing what I need in a JWT so storing it in the session is not needed. One fix might be to check the default store and if it doesn't match the used store don't execute this line.
if defaultStore == Store {
err = StoreInSession(providerName, sess.Marshal(), req, res)
if err != nil {
return goth.User{}, err
}
}
from goth.
This issue shows up when attempting to implement PKCE (punmechanic@4944a61, see #516) for openidconnect. Even a trivial attempt at implementing PKCE (whose recommended challenge size is 32b when generated using oauth2.GenerateVerifier
) may result in the session overflowing its bounds when refresh tokens are enabled with a stock Keycloak server.
It may be that my naive attempt at storing the verifier within the session is unwise and it may be better to serialize the verifier in a different session.
from goth.
Related Issues (20)
- StoreInSession calls Store.New creating a new session every time HOT 1
- Support for non-global set of providers HOT 4
- Apple should get team id, key id, client id and pem as input
- Google authorization claiming "Bad Request" when I include scopes
- reddit provider not found
- Bitrix24 Provider HOT 1
- Logging in without reauthentication in example code doesn't work HOT 6
- Can't retrieve openidConnect PreferredUsername from User object
- Apple login fails if user decides not to share Apple ID
- Remove link to "maintainer needed"
- No documentation on why there is a defer logout HOT 2
- Updating dependencies breaks login: securecookie: hash key is not set
- Panic using openidConnect provider
- You must select a provider (gin router issue) HOT 3
- Modrinth provider
- Add EmailVerified field in Apple Session
- microsoftonline appears broken HOT 3
- Empty claims with OIDC provider on Authentik HOT 1
- Using the example app (with just Google auth) - "could not find a matching session for this request" HOT 8
- Session returns empty array HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from goth.