public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
oauth2-proxy/pkg
History
wucm667 8be41ba7d2 fix(middleware): redirect to login on fatal refresh error instead of showing error page 
When Keycloak (or other OIDC providers) returns "invalid_grant" during
token refresh (e.g., "Session not active" when the Keycloak session
expires), the session is correctly cleared from the store. However, the
user sees an error page and must manually reload to trigger re-authentication.

Fix: introduce errSessionCleared sentinel error so that getValidatedSession
returns nil session and nil error when a fatal refresh error occurs. This
allows the normal auth flow to redirect the user to the login page seamlessly
instead of showing an error page.

Fixes oauth2-proxy/oauth2-proxy#3402

Signed-off-by: wucm667 <stevenwucongmin@gmail.com>
 		2026-05-01 10:38:12 +08:00
..
apis Merge commit from fork 2026-04-13 18:22:56 +02:00
app Merge commit from fork 2026-04-13 18:22:56 +02:00
authentication fix: hmacauth dependency licensing issue (#3253) 2025-11-09 20:14:54 +01:00
cookies Merge commit from fork 2026-04-13 18:22:56 +02:00
encryption fix alpha config 2025-11-16 22:38:40 +01:00
header revert: secrets as []byte instead of string 2025-11-16 22:38:42 +01:00
ip Merge commit from fork 2026-04-13 18:22:56 +02:00
logger Request ID Logging (#1087) 2021-03-21 18:20:57 +00:00
middleware fix(middleware): redirect to login on fatal refresh error instead of showing error page 2026-05-01 10:38:12 +08:00
providers feat: add support for specifying allowed OIDC JWT signing algorithms (#2753) (#2851) 2026-03-18 22:24:27 +08:00
proxyhttp feat: add support for setting a unix binding's socket file mode (#3376) 2026-03-19 00:08:50 +08:00
requests Merge commit from fork 2026-04-13 18:29:01 +02:00
sessions feat: add same site option for csrf cookies (#3347) 2026-03-18 23:14:36 +08:00
upstream Merge commit from fork 2026-04-13 18:22:56 +02:00
util feat: allow arbitrary claims from the IDToken and IdentityProvider UserInfo endpoint to be added to the session state (#2685) 2026-03-14 12:04:33 +08:00
validation Merge commit from fork 2026-04-13 18:22:56 +02:00
version feat: Replace default Go user-agent with oauth2-proxy and version (#2570) 2024-07-14 21:09:17 +01:00
watcher Fix Linting Errors (#1835) 2022-10-21 11:57:51 +01:00