Login session error using Node oidc-middleware

alex-m · February 12, 2021, 9:59pm

We are seeing the error below on our production server when users log in (no issues on stage server). It is intermittent, but appears to be more common in Chrome/Safari.

For sessions, we are using express-session as follows:

const sessionConfig = { 
 secret: "[secret]",
    resave: false,
    saveUninitialized: false,
    cookie: {
      sameSite: "none",
      secure: true
    }
};
app.use(session(sessionConfig));
app.use(oidc.router);

We’ve tried a variety of updates shown in the forums on Github, but nothing has worked so far. Any help would be greatly appreciated:

Error: did not find expected authorization request details in session, req.session["oidc:https://wpp.okta.com"] is undefined
    at /usr/src/app/node_modules/openid-client/lib/passport_strategy.js:126:13
    at OpenIDConnectStrategy.authenticate (/usr/src/app/node_modules/openid-client/lib/passport_strategy.js:174:5)
    at attempt (/usr/src/app/node_modules/passport/lib/middleware/authenticate.js:366:16)
    at authenticate (/usr/src/app/node_modules/passport/lib/middleware/authenticate.js:367:7)
    at Layer.handle [as handle_request] (/usr/src/app/node_modules/express/lib/router/layer.js:95:5)
    at trim_prefix (/usr/src/app/node_modules/express/lib/router/index.js:317:13)
    at /usr/src/app/node_modules/express/lib/router/index.js:284:7
    at Function.process_params (/usr/src/app/node_modules/express/lib/router/index.js:335:12)
    at next (/usr/src/app/node_modules/express/lib/router/index.js:275:10)
    at SessionStrategy.strategy.pass (/usr/src/app/node_modules/passport/lib/middleware/authenticate.js:343:9)

alex-m · February 16, 2021, 5:17pm

It looks like we may have fixed this. For anyone else having this issue, our fix seems to have been adding ‘memorystore’ as the store option for express-session: memorystore - npm

Updated code:

const session = require('express-session');
const MemoryStore = require('memorystore')(session);

const sessionConfig = {
  secret: "[secret]",
  resave: false,
  saveUninitialized: false,
  cookie: { "maxAge": 86400000 }
  store: new MemoryStore({
    checkPeriod: 86400000
  })
};
app.use(session(sessionConfig));
app.use(oidc.router);

sigama · February 16, 2021, 9:39pm

Hi @alex-m! I’m sorry we couldn’t get to your sooner. Thank you for posting your solution for others in our community to benefit from .

system · February 17, 2021, 9:40pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Error: did not find expected authorization request details in session Questions	5	7888	February 10, 2024
Authorization Details not in Session Questions	1	7072	January 12, 2024
Oidc middleware issues: ensureAuthenticated() doesn't work and userinfo isn't set OAuth/OIDC nodejs	5	7748	November 9, 2017
Okta oidc-middleware showing not authenticated OAuth/OIDC nodejs	2	5253	May 10, 2018
Passport-openidconnect login fails OAuth/OIDC	4	2716	November 16, 2023

Login session error using Node oidc-middleware

Related topics