Reduce the number of redirections #3644
Unanswered
twbrandon7 asked this question in Q&A
Have you looked into https://github.com/ory/kratos?
Hey there, I'm currently working on setting up an OpenID Provider for our organization, and we're using a self-hosted Hydra instance for the task. As part of the setup, we've integrated custom login and consent providers with Hydra. However, there's something I've noticed during our current implementation that's been bugging me. We seem to be dealing with an excessive number of redirects between our application and the Hydra server for each login process. These redirects can be a real pain, especially for users with shaky network connections.
Let me break it down a bit. In Figure 1, we've got the login process for a user. They start off by hitting the Hydra server to initiate the login process (see Fig. 1 (1)). Then, Hydra sends them back to our login page. Similarly, after the user successfully completes the authentication, they get redirected back to Hydra (Fig. 1 (2)).
Now, here's the idea I'm toying with: What if our application could send a request to the Hydra server based on the redirection URL provided by Hydra, rather than relying on the user's browser to do the redirection? Check out Figure 2 (3), where our app initiates a request to Hydra's `/oauth2/auth` endpoint. The server takes care of the cookie returned by Hydra and saves it in our app's session. After the user successfully completes the authentication, our app sends another request to Hydra's `/oauth2/auth` endpoint (as shown in Figure 2 (4)). Since we've stored Hydra's cookie in our app's session, we can seamlessly continue the OpenID Connect authentication process.
This approach could help us cut down on all those redirects. But, of course, I'm wondering if there are any security concerns with this method, or if it might not quite align with Hydra's design and architecture.
Figure 1: The Original Version
Figure 2: The Modified Version