You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm struggling with the configuration of mod_auth_openidc in order to have my web pages, hosted on a Apache server, be protected by credentials provided by the oauth2.0 provider embedded on a InvisionCommunity server.
I already managed (without any difficulty) to configure the "OAUTH2.0/social login" plugin of a NextCloud instance so that NextCloud users are redirected to a login page on the InvisionCommunity to be authenticated.
So, on the InvisionCommunity side, a have a set of working authorization https endpoints, keys, clientids, ...
But when I configure the mod_auth_openidc with a valid set of urls and keys, I cannot make the SSO flow working.
I made many many tests, reading a lot, and my problem can summarized this way:
I'm redirected to a InvisionCommunity SSO login page, showing the expected information (scopes, ...)
I'm able to log to InvisionCommunity and I'm immediately redirected back to my defined redirect_uri
but the call to redirect_uri crashes on Apache side with the following error
My current conclusion is that I'm not able to make the mod_auth_openidc module behave as an OAUTH2.0 client.
This may be due to the fact that I did not find any metadata URL I could use to set OIDCProviderMetadataURL. I guess that these metadata should inform the module that should switch to OAUTH2.0.
Since I've no specific skills in the identity management domain nor IDC, I'm spending a lot of energy in testing various configurations.
So, I'm asking here for help to get my configuration working.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
I'm struggling with the configuration of mod_auth_openidc in order to have my web pages, hosted on a Apache server, be protected by credentials provided by the oauth2.0 provider embedded on a InvisionCommunity server.
I already managed (without any difficulty) to configure the "OAUTH2.0/social login" plugin of a NextCloud instance so that NextCloud users are redirected to a login page on the InvisionCommunity to be authenticated.
So, on the InvisionCommunity side, a have a set of working authorization https endpoints, keys, clientids, ...
But when I configure the mod_auth_openidc with a valid set of urls and keys, I cannot make the SSO flow working.
I made many many tests, reading a lot, and my problem can summarized this way:
My current conclusion is that I'm not able to make the mod_auth_openidc module behave as an OAUTH2.0 client.
This may be due to the fact that I did not find any metadata URL I could use to set OIDCProviderMetadataURL. I guess that these metadata should inform the module that should switch to OAUTH2.0.
Since I've no specific skills in the identity management domain nor IDC, I'm spending a lot of energy in testing various configurations.
So, I'm asking here for help to get my configuration working.
Thanks.
Beta Was this translation helpful? Give feedback.
All reactions