Call to a member function getKeyValue() on null

Patch fixed the issue for me!

The key can be overwritten with $config. But you have to override the key settings now.

$config['key.key.openid_connect_windows_aad_key']['key_provider_settings']['key_value'] = '...';

I would like to close the issue with won't fix.

I finally got some time to sit down with this one today & webflo is correct, but anyone overriding the key in the old way will need to make a change:

Before, we would override the client_secret with the following:

$config['openid_connect.client.windows_aad']['settings']['client_secret'] = "abc123...";

After the module started supporting the key module, the client_secret is intended to be the ID of a key instead. That key gets loaded & the value retrieved - but because of our override, it wasn't able to load the key so caused the error.

$this->keyRepository->getKey($this->configuration['client_secret'])->getKeyValue();

You'll need to create a key at admin/config/system/keys (if you haven't already / one hasn't already been setup by an update hook), then update your Open ID client config (admin/config/people/openid-connect) to set your Windows AAD client to use that key.

Then in settings.php, replace the above config line with

$config['key.key.openid_connect_windows_aad_key']['key_provider_settings']['key_value'] = "abc123...";

(you may need to change the config name if your key is named something different)

You can still override endpoints / client ID in the old way:

$config['openid_connect.client.windows_aad']['settings']['authorization_endpoint_wa'] = "https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/authorize";
$config['openid_connect.client.windows_aad']['settings']['client_id'] = "{clientId}";
$config['openid_connect.client.windows_aad']['settings']['token_endpoint_wa'] =  "https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token";

Closing as won't fix, but if I get a chance I might try and submit a patch to handle the error here - the key may not exist if it's been deleted for example:

  protected function getRequestOptions(string $authorization_code, string $redirect_uri): array {
    $options = parent::getRequestOptions($authorization_code, $redirect_uri);
    $options['form_params']['client_secret'] = $this->keyRepository->getKey($this->configuration['client_secret'])->getKeyValue();
    return $options;
  }

I had some trouble applying the fix as described it #12
It's worth mentioning that I had to remove the 'placeholder' value in the config file and set as an empty string for the key value to apply from settings.php

I ended up with this issue due to the configuration about the client secret is not saved even when I created a key and selected it in the form.

Not sure what's the reason as it worked well before upgrading to latest versions:

- Drupal 10.2.4
- OpenID Connect / OAuth client 3.0.0-alpha3
- OpenID Connect Microsoft Azure Active Directory client 2.0.0-beta7

Re-opening, as I just ran into this as well.

It's not that overriding causes an issue, it's that the module allows you to configure an AAD client without a key (it is a not a required field) but then assumes a key exists during authentication and throws this error if it doesn't.

So either the code should be conditional, check if a key is configured before calling getValue() on it *or* make the key mandatory in the client config.