Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MistatchingStateError - authlib CSRF token #3

Closed
bennettscience opened this issue Nov 2, 2021 · 2 comments
Closed

MistatchingStateError - authlib CSRF token #3

bennettscience opened this issue Nov 2, 2021 · 2 comments

Comments

@bennettscience
Copy link
Owner

Sentry: https://sentry.io/share/issue/42f60d61db41429890cb50ff35103686/

Seems to be related to this issue on authlib, unresolved as of 1.0.rc2? Currently have 0.15.3 installed in production.

Occurs on the callback route when the token is retrieved from Google's OpenID service.
@lepture
Copy link

lepture commented Nov 24, 2021 

if state != request_state:

What is the value of state and request_state?

@bennettscience
Copy link
Owner Author

bennettscience commented Sep 26, 2022
edited
Loading

Updated to Authlib 1.1.0 and made sure to not clear the session token until logout.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lepture @bennettscience