- Issue created by @HeneryH
- Assigned to BramDriesen
- π§πͺBelgium BramDriesen Belgium π§πͺ
Looking at this as we speak. It was also reported here.
- @bramdriesen opened merge request.
- Status changed to Needs work
almost 2 years ago 11:09pm 15 March 2023 - π§πͺBelgium BramDriesen Belgium π§πͺ
If you keep the two (super complex) logout functions disabled, you should be fine for now.
I did break a bit of functionality in the KeycloakService in the process. I totally don't understand how the config loading can actually work in the way it is currently set-up. It will require quite a bit of digging to see how to properly fix this. The module also totally doesn't take into account that you can have multiple keycloak instances configured. (I think this is a thing since OpenID Connect 2.x)
- π§πͺBelgium BramDriesen Belgium π§πͺ
So to put it more into perspective. The real issue is that the current keycloak implementation is trying to read all client settings from "openid_connect.settings.keycloak" which should not even exist since there are no specific openid_connect settings defined by the keycloak module. All settings like the base URL for example live in "openid_connect.client.CLIENT_MACHINE_NAME". But there are a lot of config reads in the Keycloak service on that first settings one. To replace the logic to fetch this from the correct client based on the logged in user will be quite a challenge, because there are a LOT of config reads...
Will keep digging.
- πΊπΈUnited States HeneryH
Thank you @bramdriesen.
I have a drupal site coexisting with a Nextcloud instance for document collaboration. Trying to reduce complexity for my users who need to log into both instances.
I have a limited subset of users and not a mission-critical operational model so I am good with experimenting or using some hacks.
Appreciate your efforts!
- π§πͺBelgium BramDriesen Belgium π§πͺ
No problem :-) guess I'll continue again on it this evening!
Also thanks for your testing effort!
- First commit to issue fork.
- Status changed to RTBC
over 1 year ago 7:04pm 28 March 2023 - π§πͺBelgium BramDriesen Belgium π§πͺ
Just tested, and the basics work! Logging in and logging out ;-)
Will merge this so we can tag a working release with at least the most important part working! Will create follow up tickets for all the other things that we might spot.
-
BramDriesen β
committed 5a2a172b on 2.2.x
Issue #3348275 by BramDriesen, p-neyens, jjflynn22, jerrac: Keycloak url...
-
BramDriesen β
committed 5a2a172b on 2.2.x
- Status changed to Fixed
over 1 year ago 7:07pm 28 March 2023 - π§πͺBelgium BramDriesen Belgium π§πͺ
- Issue was unassigned.
Automatically closed - issue fixed for 2 weeks with no activity.
What happened with this issue, its completely break keycloak module. getEndpoints method removed from KeycloakService but getCheckSessionIframeUrl and getKeycloakSignOutEndpoint method still using that. Whole module doesn't work for me.