Hey we are trying to use Ory Hydra with Kratos in combinatio Ory Community #ory-network

Hey we are trying to use Ory Hydra with Kratos in ...

bright-table-18460

04/19/2023, 2:54 PM

Hey we are trying to use Ory Hydra with Kratos in combination via the ory network (essential plan). But if we authorised the application we get an "An internal server error occurred, please contact the system administrator" after we accept the consent.

Copy code

{
  "error": {
    "Ory\\Kratos\\Client\\Model\\FlowError": {
      "created_at": "2023-04-19T14:41:38+00:00",
      "error": {
        "code": 500,
        "debug": "400 Bad Request",
        "details": {
          "oauth2_error_hint": "",
          "status_code": 400
        },
        "message": "An internal server error occurred, please contact the system administrator",
        "reason": "Unable to accept OAuth 2.0 Login Challenge.",
        "status": "Internal Server Error"
      },
      "id": "02da5566-0bf9-4b13-8d06-86196ddc1f6c",
      "updated_at": "2023-04-19T14:41:38+00:00"
    }
  }
}

As far as i can see, this error message gets triggered by kratos if it can't reach hydra. https://github.com/ory/kratos/blob/a046778f0a133c54f106b8edf927ca3521d9a330/hydra/hydra.go#L107 Is this a bug or do we misconfigured something?

steep-lamp-91158

04/19/2023, 3:04 PM

I had a look in the logs, this is what hydra says:

Field 'subject' does not match subject from previous authentication

and why it returns a 400 on the PUT

/admin/oauth2/auth/requests/login/accept

fast-lunch-54279

04/19/2023, 3:04 PM

@stocky-king-5626 @famous-art-85498 can you help with logs here please?

steep-lamp-91158

04/19/2023, 3:04 PM

sorry I was too fast 😉

bright-table-18460

04/19/2023, 3:07 PM

Ah clearing all cookies, helped. But it's a little bit weird. 🤔

steep-lamp-91158

04/19/2023, 3:09 PM

you mean the error message or that it happens at all? I think it should not be an internal server error...

steep-lamp-91158

04/19/2023, 3:09 PM

did you log out and then try to log in again? or how did you end up in the situation?

bright-table-18460

04/19/2023, 3:13 PM

I mean that it happend. I just logout and clear all cookies and then tried again and then it worked. This was the solution in this thread: https://community.ory.sh/t/subject-from-payload-does-not-match-subject-from-previous-authentication/1192/4 Not sure if i can reproduce it. I try to remember and right down what are the steps to face this issue and fill a bug ticket. Thanks for the fast response. PS: Would be cool to see the logs, as a customer, too 🙂

steep-lamp-91158

04/19/2023, 3:15 PM

yes we are working on exposing logs and all other kinds of events

steep-lamp-91158

04/19/2023, 3:15 PM

would be great if you find a way to reproduce it

steep-lamp-91158

04/19/2023, 3:15 PM

and create an issue in kratos

bright-table-18460

04/19/2023, 3:15 PM

Will try my best. 🙂

282 Views

Open in Slack

Previous Next