Error 403 Forbidden

GET https://new.hestiasap.fr/admin/oauth/keycloak/check?code=a3485fd8-9355-771c-d1e0-b8a445ea1989.hDRGF0kr-8IJxwgdiK5oC4Qu.08218ae4-852c-4ea2-ae2c-6e3d3d3ea495&iss=…

IP
83.198.135.246
Profiled on
Token
775c1c

Request / Response

Request

GET Parameters

Key Value
code 
"a3485fd8-9355-771c-d1e0-b8a445ea1989.hDRGF0kr-8IJxwgdiK5oC4Qu.08218ae4-852c-4ea2-ae2c-6e3d3d3ea495"
iss 
"https://sso.hestiasap.fr/realms/hestia"
session_state 
"hDRGF0kr-8IJxwgdiK5oC4Qu"
state 
"2b08daaacc708de682a8a609d6f85468"

POST Parameters

No POST parameters

Uploaded Files

No uploaded files

Request Attributes

Key Value
_controller 
"App\Controller\Admin\SecurityController::check"
_firewall_context 
"security.firewall.map.context.admin"
_route 
"admin_oauth_keycloak_check"
_route_params 
[]
_security_firewall_run 
"_security_admin"
_stopwatch_token 
"fa4f32"

Request Headers

Header Value
accept 
"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
accept-encoding 
"gzip, deflate, br, zstd"
accept-language 
"fr,fr-FR;q=0.9,en-US;q=0.8,en;q=0.7"
connection 
"keep-alive"
cookie 
"_ga_B0YT8FBHQF=GS2.1.s1780672760$o3$g1$t1780676507$j60$l0$h1988630862; _ga=GA1.1.71603303.1772966398; _gcl_au=1.1.460642123.1772966398.1628591171.1780641049.1780641354; main_deauth_profile_token=5ce6e5; PHPSESSID=86a5383ef893492086f1b8c39f1161ca; admin_deauth_profile_token=a2c81d"
host 
"new.hestiasap.fr"
priority 
"u=0, i"
sec-fetch-dest 
"document"
sec-fetch-mode 
"navigate"
sec-fetch-site 
"none"
sec-fetch-user 
"?1"
upgrade-insecure-requests 
"1"
user-agent 
"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0"
x-php-ob-level 
"1"

Request Content

Request content not available (it was retrieved as a resource).

Retry Command

curl \
  --compressed \
  --url 'https://new.hestiasap.fr/admin/oauth/keycloak/check?code=a3485fd8-9355-771c-d1e0-b8a445ea1989.hDRGF0kr-8IJxwgdiK5oC4Qu.08218ae4-852c-4ea2-ae2c-6e3d3d3ea495&iss=https%3A%2F%2Fsso.hestiasap.fr%2Frealms%2Fhestia&session_state=hDRGF0kr-8IJxwgdiK5oC4Qu&state=2b08daaacc708de682a8a609d6f85468' \
  --header 'Priority: u=0, i' \
  --header 'Sec-Fetch-User: ?1' \
  --header 'Sec-Fetch-Site: none' \
  --header 'Sec-Fetch-Mode: navigate' \
  --header 'Sec-Fetch-Dest: document' \
  --header 'Upgrade-Insecure-Requests: 1' \
  --header 'Connection: keep-alive' \
  --header 'Accept-Encoding: gzip, deflate, br, zstd' \
  --header 'Accept-Language: fr,fr-FR;q=0.9,en-US;q=0.8,en;q=0.7' \
  --header 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' \
  --header 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0' \
  --header 'X-Php-Ob-Level: 1' \
  --cookie '_ga_B0YT8FBHQF=GS2.1.s1780672760%24o3%24g1%24t1780676507%24j60%24l0%24h1988630862; _ga=GA1.1.71603303.1772966398; _gcl_au=1.1.460642123.1772966398.1628591171.1780641049.1780641354; main_deauth_profile_token=5ce6e5; PHPSESSID=86a5383ef893492086f1b8c39f1161ca; admin_deauth_profile_token=a2c81d'

Response

Response Headers

Header Value
cache-control 
"max-age=0, must-revalidate, private"
content-type 
"text/html; charset=UTF-8"
date 
"Fri, 05 Jun 2026 17:47:44 GMT"
expires 
"Fri, 05 Jun 2026 17:47:44 GMT"
x-debug-token 
"775c1c"
x-robots-tag 
"noindex"

Cookies

Request Cookies

Key Value
PHPSESSID 
"86a5383ef893492086f1b8c39f1161ca"
_ga 
"GA1.1.71603303.1772966398"
_ga_B0YT8FBHQF 
"GS2.1.s1780672760$o3$g1$t1780676507$j60$l0$h1988630862"
_gcl_au 
"1.1.460642123.1772966398.1628591171.1780641049.1780641354"
admin_deauth_profile_token 
"a2c81d"
main_deauth_profile_token 
"5ce6e5"

Response Cookies

No response cookies

Session 2

Session Metadata

No session metadata

Session Attributes

No session attributes

Session Usage

2 Usages
Stateless check enabled
Usage
Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage:39
Show trace 
[
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-core/Authentication/Token/Storage/UsageTrackingTokenStorage.php"
    "line" => 39
    "function" => "getMetadataBag"
    "class" => "Symfony\Component\HttpFoundation\Session\Session"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-http/Authentication/AuthenticatorManager.php"
    "line" => 174
    "function" => "getToken"
    "class" => "Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-http/Authentication/AuthenticatorManager.php"
    "line" => 160
    "function" => "executeAuthenticator"
    "class" => "Symfony\Component\Security\Http\Authentication\AuthenticatorManager"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-http/Authentication/AuthenticatorManager.php"
    "line" => 142
    "function" => "executeAuthenticators"
    "class" => "Symfony\Component\Security\Http\Authentication\AuthenticatorManager"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-http/Firewall/AuthenticatorManagerListener.php"
    "line" => 38
    "function" => "authenticateRequest"
    "class" => "Symfony\Component\Security\Http\Authentication\AuthenticatorManager"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-http/Authenticator/Debug/TraceableAuthenticatorManagerListener.php"
    "line" => 58
    "function" => "authenticate"
    "class" => "Symfony\Component\Security\Http\Firewall\AuthenticatorManagerListener"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-bundle/Debug/WrappedLazyListener.php"
    "line" => 52
    "function" => "authenticate"
    "class" => "Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticatorManagerListener"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-bundle/Debug/TraceableFirewallListener.php"
    "line" => 88
    "function" => "authenticate"
    "class" => "Symfony\Bundle\SecurityBundle\Debug\WrappedLazyListener"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-http/Firewall.php"
    "line" => 86
    "function" => "callListeners"
    "class" => "Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/event-dispatcher/Debug/WrappedListener.php"
    "line" => 115
    "function" => "onKernelRequest"
    "class" => "Symfony\Component\Security\Http\Firewall"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/event-dispatcher/EventDispatcher.php"
    "line" => 206
    "function" => "__invoke"
    "class" => "Symfony\Component\EventDispatcher\Debug\WrappedListener"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/event-dispatcher/EventDispatcher.php"
    "line" => 56
    "function" => "callListeners"
    "class" => "Symfony\Component\EventDispatcher\EventDispatcher"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php"
    "line" => 129
    "function" => "dispatch"
    "class" => "Symfony\Component\EventDispatcher\EventDispatcher"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/http-kernel/HttpKernel.php"
    "line" => 162
    "function" => "dispatch"
    "class" => "Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/http-kernel/HttpKernel.php"
    "line" => 79
    "function" => "handleRaw"
    "class" => "Symfony\Component\HttpKernel\HttpKernel"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/http-kernel/Kernel.php"
    "line" => 143
    "function" => "handle"
    "class" => "Symfony\Component\HttpKernel\HttpKernel"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/runtime/Runner/Symfony/HttpKernelRunner.php"
    "line" => 34
    "function" => "handle"
    "class" => "Symfony\Component\HttpKernel\Kernel"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/autoload_runtime.php"
    "line" => 32
    "function" => "run"
    "class" => "Symfony\Component\Runtime\Runner\Symfony\HttpKernelRunner"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/public/index.php"
    "line" => 5
    "args" => [
      "/var/www/hestia-site/vendor/autoload_runtime.php"
    ]
    "function" => "require_once"
  ]
]
KnpU\OAuth2ClientBundle\Client\OAuth2Client:94
Show trace 
[
  [
    "file" => "/var/www/hestia-site/vendor/knpuniversity/oauth2-client-bundle/src/Client/OAuth2Client.php"
    "line" => 94
    "function" => "get"
    "class" => "Symfony\Component\HttpFoundation\Session\Session"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/knpuniversity/oauth2-client-bundle/src/Security/Authenticator/OAuth2Authenticator.php"
    "line" => 38
    "function" => "getAccessToken"
    "class" => "KnpU\OAuth2ClientBundle\Client\OAuth2Client"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/src/Security/KeycloakAuthenticator.php"
    "line" => 43
    "function" => "fetchAccessToken"
    "class" => "KnpU\OAuth2ClientBundle\Security\Authenticator\OAuth2Authenticator"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-http/Authenticator/Debug/TraceableAuthenticator.php"
    "line" => 72
    "function" => "authenticate"
    "class" => "App\Security\KeycloakAuthenticator"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-http/Authentication/AuthenticatorManager.php"
    "line" => 178
    "function" => "authenticate"
    "class" => "Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticator"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-http/Authentication/AuthenticatorManager.php"
    "line" => 160
    "function" => "executeAuthenticator"
    "class" => "Symfony\Component\Security\Http\Authentication\AuthenticatorManager"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-http/Authentication/AuthenticatorManager.php"
    "line" => 142
    "function" => "executeAuthenticators"
    "class" => "Symfony\Component\Security\Http\Authentication\AuthenticatorManager"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-http/Firewall/AuthenticatorManagerListener.php"
    "line" => 38
    "function" => "authenticateRequest"
    "class" => "Symfony\Component\Security\Http\Authentication\AuthenticatorManager"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-http/Authenticator/Debug/TraceableAuthenticatorManagerListener.php"
    "line" => 58
    "function" => "authenticate"
    "class" => "Symfony\Component\Security\Http\Firewall\AuthenticatorManagerListener"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-bundle/Debug/WrappedLazyListener.php"
    "line" => 52
    "function" => "authenticate"
    "class" => "Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticatorManagerListener"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-bundle/Debug/TraceableFirewallListener.php"
    "line" => 88
    "function" => "authenticate"
    "class" => "Symfony\Bundle\SecurityBundle\Debug\WrappedLazyListener"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/security-http/Firewall.php"
    "line" => 86
    "function" => "callListeners"
    "class" => "Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/event-dispatcher/Debug/WrappedListener.php"
    "line" => 115
    "function" => "onKernelRequest"
    "class" => "Symfony\Component\Security\Http\Firewall"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/event-dispatcher/EventDispatcher.php"
    "line" => 206
    "function" => "__invoke"
    "class" => "Symfony\Component\EventDispatcher\Debug\WrappedListener"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/event-dispatcher/EventDispatcher.php"
    "line" => 56
    "function" => "callListeners"
    "class" => "Symfony\Component\EventDispatcher\EventDispatcher"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php"
    "line" => 129
    "function" => "dispatch"
    "class" => "Symfony\Component\EventDispatcher\EventDispatcher"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/http-kernel/HttpKernel.php"
    "line" => 162
    "function" => "dispatch"
    "class" => "Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/http-kernel/HttpKernel.php"
    "line" => 79
    "function" => "handleRaw"
    "class" => "Symfony\Component\HttpKernel\HttpKernel"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/http-kernel/Kernel.php"
    "line" => 143
    "function" => "handle"
    "class" => "Symfony\Component\HttpKernel\HttpKernel"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/symfony/runtime/Runner/Symfony/HttpKernelRunner.php"
    "line" => 34
    "function" => "handle"
    "class" => "Symfony\Component\HttpKernel\Kernel"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/vendor/autoload_runtime.php"
    "line" => 32
    "function" => "run"
    "class" => "Symfony\Component\Runtime\Runner\Symfony\HttpKernelRunner"
    "type" => "->"
  ]
  [
    "file" => "/var/www/hestia-site/public/index.php"
    "line" => 5
    "args" => [
      "/var/www/hestia-site/vendor/autoload_runtime.php"
    ]
    "function" => "require_once"
  ]
]

Flashes

Flashes

No flash messages were created.

Server Parameters

Server Parameters

Defined in .env

Key Value
APP_ENV 
"dev"
APP_PRODUCTION_HOST 
"www.hestiasap.fr"
APP_SECRET 
"61c132b3b94051e2af4d4e45e3ded3c1"
APP_SHARE_DIR 
"var/share"
CONTACT_TO 
"contact@hestiasap.fr"
DATABASE_URL 
"mysql://hestia:jK2Qa4ig7xYyXh5xoG0WTZtbcsZv@127.0.0.1:3306/hestia?serverVersion=10.6.25-MariaDB&charset=utf8mb4"
DEFAULT_URI 
"http://localhost"
MAILER_DSN 
"smtp://siteweb%40hestiasap.re:aOr0OVX8460RZrOVjlsU76muNwDb7@mail.hestiasap.fr:465"
MAILER_SENDER 
"siteweb@hestiasap.re"
MESSENGER_TRANSPORT_DSN 
"doctrine://default?auto_setup=0"
OAUTH_KEYCLOAK_BASE_URL 
"https://sso.hestiasap.fr"
OAUTH_KEYCLOAK_CLIENT_ID 
"hestia-site"
OAUTH_KEYCLOAK_CLIENT_SECRET 
"zGWlMuMJ2UqGgBnPuqdAlNFP2afpOz8Q"
OAUTH_KEYCLOAK_REALM 
"hestia"

Defined as regular env variables

Key Value
APP_DEBUG 
"1"
APP_PROJECT_DIR 
"/var/www/hestia-site"
APP_RUNTIME 
"Symfony\Component\Runtime\SymfonyRuntime"
APP_RUNTIME_OPTIONS 
[
  "project_dir" => "/var/www/hestia-site"
]
CONTEXT_DOCUMENT_ROOT 
"/var/www/hestia-site/public"
CONTEXT_PREFIX 
""
DOCUMENT_ROOT 
"/var/www/hestia-site/public"
FCGI_ROLE 
"RESPONDER"
GATEWAY_INTERFACE 
"CGI/1.1"
HOME 
"/var/www"
HTTPS 
"on"
HTTP_ACCEPT 
"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
HTTP_ACCEPT_ENCODING 
"gzip, deflate, br, zstd"
HTTP_ACCEPT_LANGUAGE 
"fr,fr-FR;q=0.9,en-US;q=0.8,en;q=0.7"
HTTP_CONNECTION 
"keep-alive"
HTTP_COOKIE 
"_ga_B0YT8FBHQF=GS2.1.s1780672760$o3$g1$t1780676507$j60$l0$h1988630862; _ga=GA1.1.71603303.1772966398; _gcl_au=1.1.460642123.1772966398.1628591171.1780641049.1780641354; main_deauth_profile_token=5ce6e5; PHPSESSID=86a5383ef893492086f1b8c39f1161ca; admin_deauth_profile_token=a2c81d"
HTTP_HOST 
"new.hestiasap.fr"
HTTP_PRIORITY 
"u=0, i"
HTTP_SEC_FETCH_DEST 
"document"
HTTP_SEC_FETCH_MODE 
"navigate"
HTTP_SEC_FETCH_SITE 
"none"
HTTP_SEC_FETCH_USER 
"?1"
HTTP_UPGRADE_INSECURE_REQUESTS 
"1"
HTTP_USER_AGENT 
"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:151.0) Gecko/20100101 Firefox/151.0"
PATH 
"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
PHP_SELF 
"/index.php"
QUERY_STRING 
"state=2b08daaacc708de682a8a609d6f85468&session_state=hDRGF0kr-8IJxwgdiK5oC4Qu&iss=https%3A%2F%2Fsso.hestiasap.fr%2Frealms%2Fhestia&code=a3485fd8-9355-771c-d1e0-b8a445ea1989.hDRGF0kr-8IJxwgdiK5oC4Qu.08218ae4-852c-4ea2-ae2c-6e3d3d3ea495"
REMOTE_ADDR 
"83.198.135.246"
REMOTE_PORT 
"54214"
REQUEST_METHOD 
"GET"
REQUEST_SCHEME 
"https"
REQUEST_TIME 
1780681664
REQUEST_TIME_FLOAT 
1780681664.1437
REQUEST_URI 
"/admin/oauth/keycloak/check?state=2b08daaacc708de682a8a609d6f85468&session_state=hDRGF0kr-8IJxwgdiK5oC4Qu&iss=https%3A%2F%2Fsso.hestiasap.fr%2Frealms%2Fhestia&code=a3485fd8-9355-771c-d1e0-b8a445ea1989.hDRGF0kr-8IJxwgdiK5oC4Qu.08218ae4-852c-4ea2-ae2c-6e3d3d3ea495"
SCRIPT_FILENAME 
"//var/www/hestia-site/public/index.php"
SCRIPT_NAME 
"/index.php"
SERVER_ADDR 
"51.210.149.84"
SERVER_ADMIN 
"[no address given]"
SERVER_NAME 
"new.hestiasap.fr"
SERVER_PORT 
"443"
SERVER_PROTOCOL 
"HTTP/1.1"
SERVER_SIGNATURE 
"<address>Apache/2.4.67 (Debian) Server at new.hestiasap.fr Port 443</address>\n"
SERVER_SOFTWARE 
"Apache/2.4.67 (Debian)"
SSL_TLS_SNI 
"new.hestiasap.fr"
SYMFONY_DOTENV_PATH 
"/var/www/hestia-site/.env"
SYMFONY_DOTENV_VARS 
"APP_ENV,APP_SECRET,APP_SHARE_DIR,APP_PRODUCTION_HOST,DEFAULT_URI,DATABASE_URL,MESSENGER_TRANSPORT_DSN,MAILER_DSN,MAILER_SENDER,CONTACT_TO,OAUTH_KEYCLOAK_BASE_URL,OAUTH_KEYCLOAK_REALM,OAUTH_KEYCLOAK_CLIENT_ID,OAUTH_KEYCLOAK_CLIENT_SECRET"
USER 
"www-data"
proxy-nokeepalive 
"1"