Basic Flask OpenID Connect example
The problem is that oidc_callback is correctly creating an authentication cookie (called oidc_id_token
) and redirecting to index
, but index
can't retrieve that cookie because the app is hosted on HTTP, and the cookie has the Secure flag set, so the browser is unwilling to send it back to the app over HTTP.
The solution is (for local development purposes only!) to turn off the Secure flag, by setting the OpenIDConnect config item OIDC_ID_TOKEN_COOKIE_SECURE
to False
:
if __name__ == '__main__': APP = create_app({ 'OIDC_CLIENT_SECRETS': './client_secrets.json', 'OIDC_ID_TOKEN_COOKIE_SECURE': False, 'SECRET_KEY': 'secret'}) APP.run(host="127.0.0.1", port=8080, debug=True)