Auto discover endpoints Issuer URL for Generic client requires `userinfo_endpoint` but it shouldn't

Created on 20 July 2023, over 1 year ago

Problem/Motivation

Auto discover endpoints Issuer URL for Generic client requires `userinfo_endpoint` but it shouldn't
OpenID Connect Discovery documentation states it's REQUIRED and Azure AD does not provide it.
https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata

Steps to reproduce

1. Create new generic client under `/admin/config/people/openid-connect/add/generic`
2. Tick a box `Auto discover endpoints`.
3. Put Azure AD Discovery endpoint.
4. It throws an error that Issuer URL is invalid

Proposed resolution

Remove `userinfo_endpoint` from being required upon form submission.

    if ($result && isset($result['authorization_endpoint']) && isset($result['token_endpoint']) && isset($result['userinfo_endpoint'])) {
      return $result;
    }

Remaining tasks

N/A

User interface changes

N/A

API changes

N/A

Data model changes

N/A

🐛 Bug report

Status

Needs review

Version

3.0

Component

Code

Created by

🇵🇱Poland Turek

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @Turek
Status changed to Needs review over 1 year ago8:31am 20 July 2023
Open in Jenkins → Open on Drupal.org →
Core: 10.0.7 + Environment: PHP 8.1 & MySQL 5.7
last update over 1 year ago
100 pass
Comment over 1 year ago →
🇵🇱Poland Turek
Simple patch for the above case.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024