Tried using a /login page on redwood (eg localhost:3000/login), and POSTing back to the /interaction/:uid/login endpoint. Tried two different things:
- oauth2-server-redwood
A oidc-provider hosted in a redwood funciton /api/oauth
invalid_request authorization request has expired. iss: http://localhost:3000/api/oauth
Likely cause is that not all the cookies are being consumed by the server properly. Some are being set with invalid paths eg /oauth/auth.. instead of /api/oauth/auth.... There is inconsistency in the node-oidc-provider library for how path is managed- which means we can't have the server hosted from a prefixed route (eg. /api/oauth/)
- keyp-oauth2-server
a oidc-proviced hosted as a normal express app
SessionNotFound: invalid_request at Provider.getInteraction
Likely cause is the cookies not being passed, since cross-domain request is required from :3000 to :3210
Redirect from the social provider can be directly back to the authority server
:3210/auth discord.com/oauth