Automatically closed - issue fixed for 2 weeks with no activity.
I am trying to integrate authentication via ORCID , which provides following endpoints for jwk:
- https://sandbox.orcid.org/oauth/jwks
- https://orcid.org/oauth/jwks
In both endpoints the alg field is missing.
This leads to a situation where the JWK cannot be saved into key value storage, it is skipped in the process due to missing field at line:
https://git.drupalcode.org/project/oidc/-/blob/2.x/src/OpenidConnectReal...
The RFC for JWK states that usage of alg key is optional:
https://datatracker.ietf.org/doc/html/rfc7517#section-4.4
See similar issue for AWS JWT Verify repo: https://github.com/awslabs/aws-jwt-verify/issues/6
Try Integrate ORCID with using oicd module: https://info.orcid.org/documentation/integration-guide/getting-started-w...
Do not force check of alg field as it seems to be optional.
The removal of this condition should be safe as the alg field is not used anywhere
docroot/modules/contrib/oidc$ grep -R 'alg'
docker/keycloak-realm.json: "algorithm" : [ "HS256" ]
src/OpenidConnectRealm/OpenidConnectRealmBase.php: if (!isset($key['kid'], $key['kty'], $key['alg'])) {
If I swap following line:
if (!isset($key['kid'], $key['kty'], $key['alg'])) {
with:
if (!isset($key['kid'], $key['kty'])) {
The issue is gone and I can log in without any problems.
Add MR with proposed changes
None.
None.
None.
Fixed
2.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
Automatically closed - issue fixed for 2 weeks with no activity.