fix session token storage in Django 4.2 and higher #34

Open
wants to merge 2 commits into
base: main

tejon-melero

No description provided.

@tejon-melero tejon-melero changed the title remove trailing slash from callback url config fix session token startoge in django 4.2 and higher Mar 22, 2024
@tejon-melero
Author

This package stopped working after upgrading to Django 4.2 and higher, but works with Django versions lower than 4.2.
In Django versions 4.2 and higher, the callback URL that Okta connects to is no longer processed because the URL definition of a callback URL has an additional /:
https://github.com/AzMoo/django-okta-auth/blob/main/okta_oauth2/urls.py#L7
[image]

In the README of the project, the callback URL is defined without the slash:
[image]

Something in the URL processing logic in Django has changed between versions 4.1 and 4.2 that led to the outcome that the callback view that sets the session tokens was no longer called and therefore the session tokens were no longer set.
Instead of setting the session token, a redirect was triggered to the login page, which tried to call the callback URL again, and this led to an infinite loop between the two views.

By removing the trailing slash from the callback URL, this issue is fixed, and this fix is backwards compatible.

@tejon-melero tejon-melero changed the title fix session token startoge in django 4.2 and higher fix session token storge in django 4.2 and higher Mar 22, 2024
@kaskichandrakant

kaskichandrakant commented Apr 11, 2024

#33 (comment) this solved my problem.
