curl: (47) Maximum (50) redirects followed
yejune opened this issue · 1 comments
yejune commented
example run
php -S localhost:9000 -t examples/server/
export SSO_SERVER=http://localhost:9000 SSO_BROKER_ID=Alice SSO_BROKER_SECRET=8iwzik1bwd; php -S localhost:9001 -t examples/broker/
export SSO_SERVER=http://localhost:9000 SSO_BROKER_ID=Greg SSO_BROKER_SECRET=7pypoox2pc; php -S localhost:9002 -t examples/broker/
test
curl -I -L localhost:9001
result
HTTP/1.1 307 Temporary Redirect
Host: localhost:9001
Date: Tue, 11 Jun 2019 04:23:51 GMT
Connection: close
X-Powered-By: PHP/7.3.6
Set-Cookie: sso_token_alice=aw9fod9tqk0sk0sw4cokswc8s; expires=Tue, 11-Jun-2019 05:23:51 GMT; Max-Age=3600; path=/
Location: http://localhost:9000?command=attach&broker=Alice&token=aw9fod9tqk0sk0sw4cokswc8s&checksum=e290e7c03a9c1af6d53783ef9e4268108c39d956addd098ef76a17db063a8145&return_url=http%3A%2F%2Flocalhost%3A9001%2F
Content-type: text/html; charset=UTF-8
HTTP/1.1 307 Temporary Redirect
Host: localhost:9000
Date: Tue, 11 Jun 2019 04:23:51 GMT
Connection: close
X-Powered-By: PHP/7.3.6
Set-Cookie: PHPSESSID=k43in20n9nisibva4befjp4cej; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: http://localhost:9001/
Content-type: text/html; charset=UTF-8
HTTP/1.1 307 Temporary Redirect
Host: localhost:9001
Date: Tue, 11 Jun 2019 04:23:51 GMT
Connection: close
X-Powered-By: PHP/7.3.6
Set-Cookie: sso_token_alice=150316mkeau8ccw40kk0k4k4g; expires=Tue, 11-Jun-2019 05:23:51 GMT; Max-Age=3600; path=/
Location: http://localhost:9000?command=attach&broker=Alice&token=150316mkeau8ccw40kk0k4k4g&checksum=ab20610550e977f2c9b43e547adf8cf13ca0fbc86511c0e36830deb030338952&return_url=http%3A%2F%2Flocalhost%3A9001%2F
Content-type: text/html; charset=UTF-8
HTTP/1.1 307 Temporary Redirect
Host: localhost:9000
Date: Tue, 11 Jun 2019 04:23:51 GMT
Connection: close
X-Powered-By: PHP/7.3.6
Set-Cookie: PHPSESSID=e7v8frcb7s207aua5kj1f5cj3v; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: http://localhost:9001/
Content-type: text/html; charset=UTF-8
.
.
.
.
curl: (47) Maximum (50) redirects followed
Is this normal?
jasny commented
Attaching requires cookies to be set via an element loaded inside of the HTML page of the broker. If that doesn't happen, you get this redirect behavior.
I wouldn't call it normal, just something that isn't caught and handled by this SSO demo.