If you have "Replace Drupal login with Keycloak single sign-on (SSO)" enabled, and the authentication fails for some reason (e.g. from logic in hook_openid_connect_pre_authorize()), the user will get stuck in a infinite redirect loop until the state token gets invalid and the user is rendered a access result forbidden.
So what happens is:
I enter /user/login
Gets redirected to keycloak base URL
I authenticate, get redirected to redirect URL (/openid-connect/keycloak)
hook_openid_connect_pre_authorize fails the authorization
I get redirect to /user, and as I'm not authenticated, I get redirected back to /user/login
and it repeats until the state token gets invalidated.
Postponed: needs info
1.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
I never encountered this, so I would need exact steps to reproduce.
Does this also happen on the 2.2.x version?
@BramDriesen this does not happen on the 2.2.x version
Thanks for checking @chrisck !
Let's wait a bit and see if we can get steps to reproduce or not. Otherwise I'll close it as outdated :)