Why am I getting a CSRF 403 from OAuth2 Proxy when running on GKE but not locally?

Time:03-07

I have a simple setup that is using OAuth2 Proxy to handle authentication. It works fine locally using minikube, but when I try to use GKE, when the OAuth callback happens I get a 403 status and the following message...

Login Failed: Unable to find a valid CSRF token. Please try again.

The offending URL is http://ourdomain.co/oauth2/callback?code=J_6ao0AxSBRn4bwr&state=r_aFqM9wsSpPvyKyyzE_nagGnpNKUp1pLyZafOEO0go:/ip

What should be configured differently to avoid the CSRF error?

CodePudding user response:

In my case it was because I needed to set the cookie to secure = false. Apparently I could still have secure true no problem with http and an IP but once I uploaded with a domain it failed.
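
An added example (not part of the answer above and not OAuth2 Proxy's own code): it replays the sign-in flow through Python's `http.cookiejar` to show that a CSRF cookie marked `Secure` is withheld from an `http://` callback, and that either dropping `Secure` or serving the domain over HTTPS lets the callback pass. The cookie name `_oauth2_proxy_csrf`, the nonce value and the simplified state check are assumptions made for the illustration.

```python
import email.message
import urllib.request
from http.cookiejar import CookieJar

CSRF_COOKIE = "_oauth2_proxy_csrf"  # assumed cookie name, for illustration
NONCE = "constructed-nonce-123"     # constructed sample value


class FakeResponse:
    """Minimal response object that CookieJar.extract_cookies() accepts."""

    def __init__(self, set_cookie):
        self._headers = email.message.Message()
        self._headers["Set-Cookie"] = set_cookie

    def info(self):
        return self._headers


def callback_status(base_url, cookie_secure):
    """Run sign-in start and callback through a cookie jar.

    Returns 200 when the CSRF cookie reaches the callback, otherwise 403.
    """
    jar = CookieJar()

    # Step 1: /oauth2/start sets the CSRF cookie before redirecting to the IdP.
    attrs = "; Path=/; HttpOnly" + ("; Secure" if cookie_secure else "")
    start = urllib.request.Request(base_url + "/oauth2/start")
    jar.extract_cookies(FakeResponse(f"{CSRF_COOKIE}={NONCE}{attrs}"), start)

    # Step 2: the IdP redirects back; the jar attaches only cookies allowed
    # on this scheme, so Secure cookies are withheld from http:// requests.
    callback = urllib.request.Request(
        base_url + f"/oauth2/callback?code=constructed&state={NONCE}:/")
    jar.add_cookie_header(callback)
    sent = callback.get_header("Cookie", "")

    # Step 3: simplified check: the state nonce must match the CSRF cookie.
    return 200 if f"{CSRF_COOKIE}={NONCE}" in sent else 403


if __name__ == "__main__":
    for url, secure in [("http://ourdomain.co", True),
                        ("http://ourdomain.co", False),
                        ("https://ourdomain.co", True)]:
        print(url, "cookie_secure =", secure, "->", callback_status(url, secure))
```

Of the two passing cases, HTTPS with `Secure` left on is the one that keeps the session cookie off the wire in cleartext.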
