search

Dolibarr / dolibarr

Dolibarr ERP CRM is a modern software package to manage your company or foundation's activity (contacts, suppliers, invoices, orders, stocks, agenda, accounting, ...). it's an open source Web application (written in PHP) designed for businesses of any sizes, foundations and freelancers.
https://www.dolibarr.org
GNU General Public License v3.0
5.51k stars 2.81k forks source link

Issue with OpenID connect #25921

Open battosai30 opened 1 year ago

battosai30 commented 1 year ago

Bug

Hi,

So cool that OpenID is finally here :)

But I had to modify the code to get it working ...

So I set up my Keycloak client and in logs when I try to log in I got "Error bad hostname IP (IP is a local IP). Must be an external URL." After some digging I found that the isIPAllowed() function used in getURLContent() functio used line 70 and 77 of htdocs/core/login/functions_openid_connect.php raised 'Error bad hostname IP (IP is a local IP). Must be an external URL.' error.

My changes :

$token_response = getURLContent($conf->global->MAIN_AUTHENTICATION_OIDC_TOKEN_URL, 'POST', http_build_query($auth_param)); to

$token_response = getURLContent($conf->global->MAIN_AUTHENTICATION_OIDC_TOKEN_URL, 'POST', http_build_query($auth_param),1,array(),array('http', 'https'), 2);

and

$userinfo_response = getURLContent($conf->global->MAIN_AUTHENTICATION_OIDC_USERINFO_URL, 'GET', '', 1, $userinfo_headers);

to $userinfo_response = getURLContent($conf->global->MAIN_AUTHENTICATION_OIDC_USERINFO_URL, 'GET', '', 1, $userinfo_headers, array('http', 'https'), 2);

The solution comes from "$localurl" parameter forced to value 2.

Some informations :

I guess the problem comes from my architecture :

So we have :

Keycloak <---> Nginx Reverse <---> Dolibarr

Regards

Environment Version

18.0.1

Environment OS

Alpine

Environment Web server

Nginx

Environment PHP

8.0.25

Environment Database

MySQL

Environment URL(s)

No response

Expected and actual behavior

No response

Steps to reproduce the behavior

No response

Attached files

No response

rqi14 commented 1 year ago

Same problem. Thanks for the solution.

Bratoun commented 7 months ago

Hi, I am student and I have the same problem. Thanks for the solutions. But I have a question, why this bug is not yet implemented in Dolibarr?

FlorentPoinsaut commented 5 months ago

Hi, Did you try to set a value to the $dolibarr_main_url_root variable in the conf/conf.php config file? Source: https://wiki.dolibarr.org/index.php?title=Fichier_de_configuration

irhad commented 5 months ago

The value you indicate is required, so, it has already been set