Login : failed-oauth-callback : anti-forgery-token-invalid : 'No Play session ID found' java.lang.IllegalArgumentException: No Play session ID found #69
Description
I got the auth to work locally but when I migrate to prod I'm getting a 'No Play session ID found' exception. I suspect this is a subtle domain name related thing involving the play session but I'm stumped where to look to debug this.
[info] application - GET /login took 2ms and returned 200
[info] application - GET /loginAction took 465ms and returned 303
[warn] application - Login : failed-oauth-callback : anti-forgery-token-invalid : 'No Play session ID found'
java.lang.IllegalArgumentException: No Play session ID found
at com.gu.googleauth.AntiForgeryChecker$$anonfun$verifyToken$1$$anonfun$apply$1.apply(auth.scala:129)
at com.gu.googleauth.AntiForgeryChecker$$anonfun$verifyToken$1$$anonfun$apply$1.apply(auth.scala:129)
at scala.Option.getOrElse(Option.scala:121)
at com.gu.googleauth.AntiForgeryChecker$$anonfun$verifyToken$1.apply(auth.scala:129)
at com.gu.googleauth.AntiForgeryChecker$$anonfun$verifyToken$1.apply(auth.scala:129)
at scala.util.Try$.apply(Try.scala:192)
at com.gu.googleauth.AntiForgeryChecker.verifyToken(auth.scala:129)
at com.gu.googleauth.GoogleAuth$.validatedUserIdentity(auth.scala:210)
at com.gu.googleauth.LoginSupport$class.checkIdentity(actions.scala:128)
at controllers.Login.checkIdentity(Login.scala:11)
[info] application - GET /oauth2callback?state=eyJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NDEyODI2MTgsInJmcCI6IjJjbDc1YWJlNG1wYTAwZWozbGZ1OWg4bGQ3In0.tSA4R8LcAV4vKzlbzK5CfUmRYDOvPb3IloX-bAjVw-g&code=4/iwDPTXxG6TnzfCatUs98t2wtd04XBoYwEnaqGs1gHrcGLg6BHbcJ0Fy6RuDUQufTgnSyj2G8YrIKu7kRa2Lg1Kc&scope=openid%20email%20profile%20https://www.googleapis.com/auth/userinfo.profile%20https://www.googleapis.com/auth/plus.me%20https://www.googleapis.com/auth/userinfo.email&authuser=0&session_state=13bfb169647df9902b42fcace7298e4e3096bfdb..e30e&prompt=none took 69ms and returned 303
[info] application - GET /login took 1ms and returned 200