oauth2-proxy: Error loading cookied session: cookie "_oauth2_proxy" not present, removing session

Expected Behavior

set-cookie header is present on login page, and no errors are logged

Current Behavior

Error console shows:

Error loading cookied session: cookie "_oauth2_proxy" not present, removing session

In a browser I can see that "/oauth2/callback/" has the cookie, but not "/" or "login?redirect=/".

Possible Solution

Unknown

Steps to Reproduce (for bugs)

Nginx config:

server {
    listen 443 default ssl;
    server_name servername;
    ssl_certificate /etc/letsencrypt/live/servername/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/servername/privkey.pem;
    add_header Strict-Transport-Security max-age=2592000;
    proxy_buffers 4 256k;
    proxy_buffer_size 128k;
    server_tokens off;

    location / {
        proxy_pass http://127.0.0.1:4180;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Scheme $scheme;
        proxy_set_header X-Auth-Request-Redirect $request_uri;
        proxy_connect_timeout 1;
        proxy_send_timeout 30;
        proxy_read_timeout 30;
    }
}

Running oauth2-proxy with:

/opt/oauth2-proxy/oauth2-proxy \
--provider=azure \
--redirect-url=https://servername/oauth2/callback \
--skip-provider-button \
--email-domain=* \
--client-id=id \
--client-secret=secret \
--upstream=http://localhost:4430/ \
--cookie-secret=secret \
--cookie-httponly=false \
--reverse-proxy=true

Context

I’m trying to add the proxy in front of Puppet Enterprise.

Your Environment

CentOS 7 server with Puppet Enterprise installed

  • Version used:

oauth2-proxy-v6.1.1

About this issue

  • State: closed
  • Created 4 years ago
  • Comments: 26 (10 by maintainers)

Most upvoted comments

@5w0ng and @rtrive, have you looked at the URL in your browser? Here is the URL in my case: https://prometheus.ubuntu.domain.org/oauth2/start?rd=%2F. I think the ?rd=%2F should point to the oauth service.

I set the label again - 'traefik.http.middlewares.oauth.forwardauth.address=http://oauth:4180/oauth2/start?rd=https://oauth.ubuntu.domain.org/'. But after that I go into an infinite sign-in loop.