Comments (11)
jjbohn
commented on July 24, 2024
Pulling down gitlab to take a peak.
from omniauth-openid-connect.
jjbohn
commented on July 24, 2024
@rghose Just checked it out. Looks like it's an issue with your configuration. Check out the example below for pointers. Now that it's a bit further along I'll go ahead and update the README as well to close out #5.
config.omniauth :openid_connect, {
name: :my_provider,
scope: [:openid, :email, :profile, :address],
response_type: :code,
client_options: {
port: 8081,
scheme: "https",
host: "myprovider.com",
identifier: ENV["OP_KEY"],
secret: ENV["OP_SECRET"],
redirect_uri: "http://myapp.com/users/auth/openid_connect/callback",
},
}Some of these options default. For instance, response_type defaults to :code so you really don't need it, but I provided it so you could get a better glimpse into some of the available options.
from omniauth-openid-connect.
jjbohn
commented on July 24, 2024
Going to close the issue for now. If you still have issues, feel free to reopen.
from omniauth-openid-connect.
rghose
commented on July 24, 2024
Well it works but looks like when the host contains slashes it does not!
So I have a sample OpenID Connect Provider in OpenAM running at: host.internal.domain.com/openam and it fails when I use the config as:
205 host: "host.internal.domain.com/openam",
however the redirection works when I use this:
205 host: "host.internal.domain.com",
which results in a 404 on my provider side (of course!)
from omniauth-openid-connect.
rghose
commented on July 24, 2024
It works with extra client_options. I did this:
209 authorization_endpoint: "/openam/oauth2/authorize",
210 token_endpoint: "/openam/oauth2/access_token",
211 userinfo_endpoint: "/openam/oauth2/userinfo"
However, looks like the redirect_url is not correct. Any idea what that might be? I am getting a 404 in gitlab.
ActionController::RoutingError (No route matches [GET] "/users/auth/openid_connect/callback"):
Full stack-trace:
from omniauth-openid-connect.
rghose
commented on July 24, 2024
Well call it magic, but it works now. Guess the apps needed a restart. Thanks again dude!
Well I found the magic, I had to do this:
config.omniauth :openid_connect, {
name: :openid_connect,
scope: [:openid, :email, :profile, :address],
response_type: :code,
client_options: {
port: 8081,
scheme: "https",
host: "myprovider.com",
identifier: ENV["OP_KEY"],
secret: ENV["OP_SECRET"],
redirect_uri: "http://myapp.com/users/auth/openid_connect/callback",
},
}
from omniauth-openid-connect.
inotekk
commented on July 24, 2024
Hello,
I got the same issue : No route matches [GET] "/users/auth/openid_connect/callback"
How this route is created please ?
I don't touch routes.rb and only modify OmniauthCallbacksController by adding this :
def openidconnect
handle_omniauth
end
and added this code to config/initializers/devise.rb :
config.omniauth :openid_connect, {
name: :openid_connect,
scope: [:openid, :email, :profile, :address],
response_type: :code,
client_options: {
port: 443,
scheme: 'https',
host: 'accounts.ozwillo-preprod.eu',
identifier: 'fake-id-for-this-post',
secret: 'fake/secret_key_for_this_post',
#local uri for development
redirect_uri: "http://localhost:3000/users/auth/openid_connect/callback",
},
}
Any idea about missing configuration please ?
Big thanks in advance!
from omniauth-openid-connect.
jjbohn
commented on July 24, 2024
HI @inotekk,
This repo is no longer maintained. There is a maintained fork here though: https://github.com/m0n9oose/omniauth_openid_connect
from omniauth-openid-connect.
inotekk
commented on July 24, 2024
Thanks, i'll change to this gem, try and ask there if i have the same issue.
from omniauth-openid-connect.
inotekk
commented on July 24, 2024
I'm new to github and don't see any issues tab there. Maybe it's not activated...
I change my gem but still don't work with the same message.
I don't see many changes between your version and the new, so i glad you could give me some tips about configuration or possible mistake i have make ?
from omniauth-openid-connect.
inotekk
commented on July 24, 2024
It works !
I'm working from an existing open source project and in my routes.rb someone put :
devise_for(
:users,
{
path: '',
...
}
)
So my uri's begin with http://localhost:3000/auth/openid_connect/
Then i need to specify into client_options the following values :
authorization_endpoint: 'https://my-provider.eu/a/auth',
token_endpoint: 'https://my-provider/a/token',
userinfo_endpoint: 'https://my-provider/a/userinfo',
jwks_uri: 'https://my-provider/a/keys',
Then i need to specify above client_options the following values :
issuer: 'uri finded from the .well-known/openid-configuration uri',
client_jwk_signing_key: 'string content from the jwks_uri',
client_signing_alg: :RS256, #algorithm of my provider
Kind regards
from omniauth-openid-connect.
Related Issues (20)
- acr_values defined as options but not passed HOT 1
- Discovery broken when the Provider returns a set of JWKs
- Verification failed if client signing algorithm is string
- UserInfo response subject must be verified HOT 1
- Option to disable SSL verification HOT 5
- Getting 401 Unauthorized on callback HOT 14
- Getting nil omniauth response hash HOT 15
- Update openid_connect version and push a release? HOT 5
- 422 Unprocessable Entity error retrieving token with `can't verify CSRF authenticity`
- How to merge custom parameter in authorize url
- Install gem on Rails 5 HOT 1
- After sign in with keycloak
- undefined method `auth_code' for #<OpenIDConnect::Client:0x00007fdc02c03f60> HOT 1
- undefined method `alias_method_chain' for Rack::OAuth2::Server::Authorize::Request:Class
- Invalid JSON Format HOT 2
- 404 page gitlab omniauth openid_connect HOT 1
- Execution Expired inside gem.
- allow multiple redirect_uri
- Please refer to the upgraded repository HOT 1
- RubyGems project name?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from omniauth-openid-connect.