[Bug]: Signing in the wrong user when authenticating through a generic OAuth provider #1396

Open
1 task done
nangelov-eti opened this issue Dec 18, 2024 · 0 comments

nangelov-eti commented Dec 18, 2024

Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

User B is signed in as User A, causing incorrect user authentication.

Expected Behavior

User B should be signed in as themselves after authenticating via the OAuth provider, not as User A.

Steps to reproduce

  1. Set up a generic OAuth provider.
  2. Sign in using the OAuth provider with User A.
  3. Open an incognito window and attempt to sign in with User B using the same OAuth provider.
  4. Observe that User B is signed in as User A instead of their own account.

Environment

Lowcoder version 2.4.10 is affected, but it's likely that the issue also impacts the latest version.
mode: ENTERPRISE

Additional Information

We use Keycloak as the OAuth provider to authenticate across multiple Keycloak realms. However, since Lowcoder doesn’t support multiple Keycloak providers, we had to configure separate generic OAuth providers, each representing a different Keycloak realm.
