Exception on login - sometimes

[butu]

Hi, I updated to the newest oidc 2.1.0 version and since then i randomly get this exception:

Core: Exception handler (WEB): Uncaught TYPO3 Exception: strpos(): Argument #1 ($haystack) must be of type string, null given | TypeError thrown in file /srv/deploy/domain.xy/releases/92/public/typo3conf/ext/oidc/Classes/Controller/AuthenticationController.php in line 82. Requested URL: https://domain.xy/?state=77f6102333a14f3638ec648d10d3b5d0&session_state=33197951-d867-43f9-9264-eddf8139f441&code=0b95e921-f89c-4ba7-b592-2688d117484d.33197951-d867-43f9-9264-eddf8139f441.2b236e57-7b9e-44d8-9589-69d2ee43def4

If I login with my local machine, it always works - in every Browser. If I test it with Browserstack, it mostly fails - in every Browser. On the client's machine it mostly fails, sometimes it works - on Microsoft Edge 123.

The two lines in AuthenticationController (81 and 82);

$loginUrl = $_SESSION['oidc_login_url'];
$loginUrl .= strpos($loginUrl, '?') !== false ? '&' : '?';

So it seems that $_SESSION['oidc_login_url'] is sometimes empty. Can you verify this?

TYPO3-Version 11.5.35
Webserver nginx/1.20.1
PHP-Version 8.0.25
Datenbank (Default) MySQL 5.7.34

Thank you and Best Regards!
Benjamin

[liayn]

This means that the session of the user is lost. (which the code should check for)
This can be a server problem (PHP session storage) or can be related to the PHP session cookie.

[butu]

Ok, so anything I could change on my side? Or does this need to be fixed in the extension?

[liayn]

There is nothing we can fix in the extension, as far as I can tell. You need to find out why the session is lost.
At least I have no other idea at the moment.

[foliengriller]

Could that be something with cookies? Maybe there is a consent-tool that prevents the session cookie....

[liayn]

The latest master-version uses JWT now instead of PHP sessions. Maybe this helps?