I am using flask_oidc, Gunicorn and Keycloak. It is working fine, actually. However, right after login, I get this error when redirected from Keycloak back to my application:
ERROR:flask\_oidc.views:Could not get the access token
Traceback (most recent call last):
File "/root/push/flaskenv/lib/python3.9/site-packages/flask\_oidc/views.py", line 46, in authorize\_view
token = g.\_oidc\_auth.authorize\_access\_token()
File "/root/push/flaskenv/lib/python3.9/site-packages/authlib/integrations/flask\_client/apps.py", line 100, in authorize\_access\_token
params = self.\_format\_state\_params(state\_data, params)
File "/root/push/flaskenv/lib/python3.9/site-packages/authlib/integrations/base\_client/sync\_app.py", line 234, in \_format\_state\_params
raise MismatchingStateError()
The thing is, the session is there, I see it both on the outgoing url to Keycloak as well as on the url to my application when keycloak is done authorizing the user. They match. Everything works fine. But that error persists. I have no idea what is causing it. Any tips?
My code:
@app.route('/')
@app.route('/index')
def hello_world():
if 'oidc_auth_profile' in session:
data = session['oidc_auth_profile']
else:
data = {}
return render_template('index.html', g=data)
@app.route('/private', methods=['GET','POST'])
@oidc.require_login
def hello_me():
# info = oidc.user_getinfo(['email', 'openid_id'])
logging.debug(f"State received in callback: {request.args.get('state')}")
return render_template("profile.html")
both debug logins return "None", but the application works fine.