OAuth2 Filter - ID Token Cookie Too Large #33825

Open
joberdick opened this issue Apr 26, 2024 · 2 comments

joberdick commented Apr 26, 2024

Title: It's possible ID token is too large for cookie

Description:
Our IDP can return large amounts of data in ID tokens. This is causing SSO to fail with the filter as the ID token is never present.

Can we either break up the cookies to support larger payloads, or allow an option to exclude the ID token from the cookies?

Repro steps:

  1. Set up Filter for SSO
  2. Add over 4KB of payload to the ID token on the token issuer
  3. Log in with the filter and observe failure
@joberdick joberdick added bug triage Issue requires triage labels Apr 26, 2024
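
An added sizing check for the failure reported above (not part of the original issue and not Envoy code): it builds a JWT-shaped ID token from constructed claims and measures the resulting `IdToken` cookie against a per-cookie budget. The 4096-byte limit, the cookie attributes, the RS256-sized filler signature and all helper names are assumptions for illustration.

```python
import base64
import json

# Assumption: 4096 bytes per cookie (name + value + attributes), the minimum
# RFC 6265 asks user agents to support and what browsers commonly enforce.
COOKIE_LIMIT = 4096
# Assumption: illustrative attributes, not the filter's exact Set-Cookie output.
COOKIE_ATTRS = "; path=/; Max-Age=3600; secure; HttpOnly"
SEP = (",", ":")  # compact JSON, as JWT libraries emit


def b64url(data: bytes) -> str:
    """Unpadded base64url, the encoding of each JWT segment."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def claims_of_size(n: int) -> dict:
    """Constructed claims whose compact JSON encoding is exactly n bytes."""
    base = {"iss": "https://idp.example", "sub": "user-1", "groups": ""}
    return {**base, "groups": "g" * (n - len(json.dumps(base, separators=SEP)))}


def build_id_token(claims: dict, sig_len: int = 256) -> str:
    """JWT-shaped string; the signature is filler sized like RS256 (2048-bit)."""
    header = {"alg": "RS256", "typ": "JWT", "kid": "constructed-key-id"}
    parts = [json.dumps(header, separators=SEP).encode(),
             json.dumps(claims, separators=SEP).encode(),
             b"\x00" * sig_len]
    return ".".join(b64url(p) for p in parts)


def report(claims: dict, name: str = "IdToken") -> dict:
    """Sizes at each encoding stage and whether the cookie fits the limit."""
    token = build_id_token(claims)
    cookie = len(f"{name}={token}{COOKIE_ATTRS}".encode())
    return {"claims_bytes": len(json.dumps(claims, separators=SEP).encode()),
            "token_bytes": len(token), "cookie_bytes": cookie,
            "fits": cookie <= COOKIE_LIMIT}


def max_claims_bytes(name: str = "IdToken") -> int:
    """Largest claims JSON (bytes) whose cookie still fits, by linear scan."""
    n = 100
    while report(claims_of_size(n + 1), name)["fits"]:
        n += 1
    return n


if __name__ == "__main__":
    for size in (1024, max_claims_bytes(), 4096):
        print(report(claims_of_size(size)))
```

Under these assumptions the cookie overflows well before the claims reach 4KB, because base64url expands the payload by a third and the header, signature and cookie attributes share the same budget.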
@adisuissa
Contributor

cc @derekargueta @mattklein123 as codeowners

@adisuissa adisuissa added area/oauth and removed triage Issue requires triage labels Apr 29, 2024
@derekargueta
Member

Making IdToken configurably opt-out sounds reasonable and simple.
