Contrib.social

Logging in with Generic could not be completed due to an error.

Open on Drupal.org β†’
Created on 14 September 2018, over 6 years ago
Updated 21 October 2023, over 1 year ago

Hello,

The IT Team migrated from Auth0 platform to cloud. After the migration, users are now receiving one of two errors:

"No e-mail address provided by Generic"

or

"Logging in with Generic could not be completed due to an error."

Within the Drupal logs, it shows the following two errors:

Type	openid_connect_generic
Location	https://xyz.com/openid-connect/generic?code=YHNsIbW9iifUK_iw&state=ElX4J58uuX9x8w0KqbbHt-jOZKCsFMfbDBa6LecmxOc
Referrer	https://auth.xyz.com/login?state=qDencJjlXU0bGzV5gM-SFYKKHxxsXX6g&client=csn1jpWMxsSf0gxHm0F1OXPdcR2wDB86&protocol=oauth2&response_type=code&scope=openid%20email%20profile&redirect_uri=https%3A%2F%2Fxyz.com%2Fopenid-connect%2Fgeneric
Message	Could not retrieve user profile information (401 Unauthorized). Details:
Type	openid_connect
Location	https://xyz.com/openid-connect/generic?code=YHNsIbW9iifUK_iw&state=ElX4J58uuX9x8w0KqbbHt-jOZKCsFMfbDBa6LecmxOc
Referrer	https://auth.xyz.com/login?state=qDencJjlXU0bGzV5gM-SFYKKHxxsXX6g&client=csn1jpWMxsSf0gxHm0F1OXPdcR2wDB86&protocol=oauth2&response_type=code&scope=openid%20email%20profile&redirect_uri=https%3A%2F%2Fxyz.com%2Fopenid-connect%2Fgeneric
Message	No e-mail address provided by Okta

Details for the Authorize call from Chrome DevTools:

client_id: csn1jpWMxsSf0gxHm0F1OXPdcR2wDB86
response_type: code
redirect_uri: https://xyz.com/openid-connect/generic
connection: CompanyActiveDirectory
login_hint: [email]@[domain].com
sso: true
state: qDencJjlXU0bGzV5gM-SFYKKHxxsXX6g
protocol: oauth2
scope: openid email profile
_csrf: 8tnV3kbM-IjTKvps3y4OPPEsJ872JHUOa4nc
_intstate: deprecated
auth0Client: eyJuYW1lIjoibG9jay5qcyIsInZlcnNpb24iOiIxMC4xOC4wIiwibGliX3ZlcnNpb24iOiI4LjcuMCJ9

One thing that stands out to me is that the email address is being passed through the login_hint parameter. No idea if this was happening before the switch, but I would've thought it would be passed through the 'mail' parameter instead.

I know there weren't any changes made to the Drupal site so I'm wondering what could be happening here. Unfortunately, the site is behind the company firewall so sharing it won't be of any help. If I can provide more info, please let me know. Any suggestions would be greatly appreciated!

πŸ’¬ Support request
Status

Needs work

Version

1.0

Component

Code

Created by

πŸ‡ΊπŸ‡ΈUnited States CLKeenan

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment over 1 year ago β†’
    πŸ‡©πŸ‡ͺGermany sanduhrs πŸ‡ͺπŸ‡Ί Heidelberg, Germany, Europe

    Does not apply against latest -dev

  • Status changed to Closed: won't fix over 1 year ago
  • Comment over 1 year ago β†’
    πŸ‡©πŸ‡ͺGermany sanduhrs πŸ‡ͺπŸ‡Ί Heidelberg, Germany, Europe

    Also this previously was a support request and, although the patch looks interesting, this can be achieved by implementing a provider specific plugin.
    So closing as won't fix, please open a new feature request if there's still interest.

  • Comment 3 months ago β†’
    πŸ‡©πŸ‡ͺGermany marko991

    Hi everyone,

    I am new with Drupal and Openid_connect module.
    In short terms, I building docker container from the image - wodby/drupal:7-8.0 and I have installed the openid_connect module which I think it's compatible with this Drupal version. The openid_connect module is drupal/openid_connect:^1.3.

    Inside Configuration I can see OpenIDConnect where I can choose some of the enabled clients, such as Generic, Google and Keyclock.
    I need to set up openid_connect with another provider, in my case ORCID.

    So, I suppose it can be done using Generic, or not, not sure. I have added all needed to the drupal config page, client_id, secret etc. Also have created project in ORCID, where redirect_url is defined.

    When I set all the config, I can see the button Login using Generic, and I can see that this URL is triggered:

    https://orcid.org/oauth/authorize?client_id={my_client_id}&response_type=code&scope=openid%20email%20profile&redirect_uri=https%3A//0033-31-16-248-98.ngrok-free.app/openid-connect/generic&state=ZDOTJP_bNk8H8_2-WQhAzTg_pvGsah9oBhl15nAUV4k

    and after few seconds I can see the similar message I read here - Logging in with Generic could not be completed due to an error.

    Can anyone help me, or the better question - can this be done with ORCID?

    Thanks in advance!

  • Comment 3 months ago β†’
    πŸ‡©πŸ‡ͺGermany marko991

    Hi everyone,

    I am new with Drupal and Openid_connect module.
    In short terms, I building docker container from the image - wodby/drupal:7-8.0 and I have installed the openid_connect module which I think it's compatible with this Drupal version. The openid_connect module is drupal/openid_connect:^1.3.

    Inside Configuration I can see OpenIDConnect where I can choose some of the enabled clients, such as Generic, Google and Keyclock.
    I need to set up openid_connect with another provider, in my case ORCID.

    So, I suppose it can be done using Generic, or not, not sure. I have added all needed to the drupal config page, client_id, secret etc. Also have created project in ORCID, where redirect_url is defined.

    When I set all the config, I can see the button Login using Generic, and I can see that this URL is triggered:

    https://orcid.org/oauth/authorize?client_id={my_client_id}&response_type=code&scope=openid%20email%20profile&redirect_uri=https%3A//0033-31-16-248-98.ngrok-free.app/openid-connect/generic&state=ZDOTJP_bNk8H8_2-WQhAzTg_pvGsah9oBhl15nAUV4k

    and after few seconds I can see the similar message I read here - Logging in with Generic could not be completed due to an error.

    Can anyone help me, or the better question - can this be done with ORCID?

    Thanks in advance!

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024