Session has expired. Client must attach with new token #155
-
The only difference seems to be the path: local virtual hosts do not have a context, while the online broker is on /sso-broker
-
The problem is in the Server startBrokerSession() call: the bearer token isn't attached to a client session.
$brokerId and $token are properly set but $sessionId is null
-
Once I set a different folder to store the cache (rather than /tmp), a different error occurs: Session has expired. Client must attach with new token. This error occurs only with one broker while the other two brokers work properly. In all cases, the cache files are created, named SSO-(brokerId)-(token).php.cache, and all have the same content. It seems that it is not able to resume the session.
=== First broker: success ===
=== Second broker: error ===
=== SSO-SSO-Alice-5m5ortumlvcw0kg4occcwgs0w40wgocs4g4ogo0kog8ko8ogw8.php.cache ===
=== SSO-Julius-szln2zwsoqowkoowo084ok844w0csss84s0gkko4gw440cswg.php.cache ===
-
@jasny what is the reason why a broker fails to resume the session while others do it properly? The session id provided is the same
-
Where is the server running? If that's locally (on your computer), the online broker won't be able to connect.
-
The SSO server is running on https://test.echosistemi.it/sso while the broker with problem is running on https://www.alessandrolarocca.it/sso-broker.
-
Hello @jasny, I added some logging to the code in order to track the issue. When the remote broker (https://www.alessandrolarocca.it/sso-broker, Julius) connects to the SSO server (https://test.echosistemi.it/sso), the broker is successfully attached to the session. Then startBrokerSession is called, the session id is retrieved properly and the checksum validated. Finally it tries to resume the session but fails ($_SESSION is empty) and throws the exception "Session has expired. Client must attach with new token". Instead, if my local broker (broker1.local, Alice) connects to the SSO server, the full process including session resume completes successfully. Please help, I'm discouraged. I don't know what else to try.
=== Broker OK (Alice) ===
=== Broker ERROR (Julius) ===
SSO-Alice-5r9ygrpp1asc4scos4080ocko8g0osw8gocsww0oskgw0wskok.php.cache
SSO-Julius-5vyqz6xvprk8okck8c8skocosow000ggo0sw84g08soows4gk8.php.cache
-
It's not clear from the log what's going wrong. I'm afraid some debugging is required. Add a PHP script that dumps the content of

The sso/src/Server/GlobalSession.php Lines 59 to 74 in 1bc1619

In this function, can you add on the first line (before

    if (session_status() === PHP_SESSION_ACTIVE) {
        throw new ServerException("Unable to resume session. A session has already started");
    }

It's not clear why that would be the case for one broker and not the other, but it's worth a try.
-
I changed the GlobalSession.php start and resume methods:
The check you suggested at the beginning of the resume method has no effect. The exception is never thrown. The session dump is in the log context.
Note that when the remote broker starts the session, it includes _sso_init and user. But these fields are not available when resuming.
LOCAL BROKER (Alice)
REMOTE BROKER (Julius)
LOCAL BROKER (Greg)
-
I have 3 brokers using the demo sample code. Two of these brokers run on local virtual hosts. The third runs on an online server with HTTPS, as the SSO server does.
The local brokers work properly (info, login, logout). The online broker returns the error "Invalid or expired bearer token". I get the same error even if I run the third broker from the same webserver (with a different context) where the SSO server runs.