- Merge request !66Issue #3257293 by jkdev: Registered claims error after upgrading from 5.0.5 to 5.2.0 β (Open) created by sanduhrs
- π©πͺGermany jurgenhaas Gottmadingen
For some reason, MR!66 contains a change which is already in 6.0.x, it's that
// phpcs:ignore
line. The attached patch had that removed and it should apply cleanly. - π©πͺGermany jurgenhaas Gottmadingen
Still a slight issue, but now should be ok.
- First commit to issue fork.
- πΊπΈUnited States grasmash
The patches in this PR seem to do more than resolve BC issues, they introduce new support for ID tokens and ISS claims. Valuable stuff, but a separate issue?
>The OpenID Connect token id response needed some treatment as-well.
I'd love to see those parts merged.
- πΊπΈUnited States grasmash
@jurgenhaas, @sanduhrs any chance you can tell me how to actually get the id token? /oauth/token only returns the access token.
- π§πͺBelgium gorkagr
Hi!
if using this module (v5.2.5) for login in a gitlab instance from a D10, I get the following error with the respective MR:
Could not authenticate you from OpenIDConnect because "Request uri must have schema. possibly add 'http://' to the request uri?".
Without the patch, i have the error in #1.
in gitlab I have 2 login providers: oauth2_generic (works fine) and openid_connect (error)
Config details:
gitlab_rails['omniauth_providers'] = [ { name: "openid_connect", label: "OIC", args: { name: 'openid_connect', scope: ['openid', 'oauth2_access_to_profile_information'], response_type: 'code', issuer: 'https://oauth.ddev.site', discovery: false, uid_field: 'preferred_username', client_auth_method: 'basic', client_options: { identifier: 'gitlab', secret: 'gitlab', redirect_uri: 'https://gitlab.ddev.site/users/auth/openid_connect/callback', userinfo_endpoint: "https://oauth.ddev.site/oauth/userinfo", authorization_endpoint: "https://oauth.ddev.site/oauth/authorize", token_endpoint: "https://oauth.ddev.site/oauth/token" } } }, { name: "oauth2_generic", label: "OAUTH", app_id: "git", app_secret: "git", args: { client_options: { site: "https://oauth.ddev.site", user_info_url: "/oauth/v1/userinfo", authorize_url: "/oauth/authorize", token_url: "/oauth/token" }, user_response_structure: { root_path: [], id_path: ["sub"], attributes: { email: "email", name: "name" } }, authorize_params: { scope: "oauth2_access_to_profile_information" }, strategy_class: "OmniAuth::Strategies::OAuth2Generic" } } ]
- Status changed to Needs work
3 months ago 5:30pm 15 March 2024 - First commit to issue fork.
- π¨πSwitzerland znerol
Rebased
3257293-registered-claims-6.0.x
for6.0.0-beta6
.