advplyr / audiobookshelf

Self-hosted audiobook and podcast server
https://audiobookshelf.org
GNU General Public License v3.0

[Bug]: Cosmos Server OIDC & Audiobookshelf Error #3131

Closed mandopatriot closed 3 months ago

mandopatriot commented 3 months ago

What happened?

ERROR: "[Auth] Error in openid callback - OPError: invalid_client (Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method).)" (Auth.js:564)

Getting this error when trying to auth into Audiobookshelf via Cosmos Server (https://github.com/azukaar/Cosmos-Server). In Cosmos, I configured a new client with ID abs and redirect https://mydomain/auth/openid/callback,https://mydomain/auth/openid/mobile-redirect (issue is the same if I only include the web redirect). I copy the secret and set client ID and secret in Audiobookshelf. I use https://mydomain/.well-known/openid-configuration to autopopulate the URLs. I match existing by email and set Auto Register, but leaving at default produces same issue.

Once saving, I use a different browser that has history deleted, open private tab, and navigate to Audiobookshelf. I choose Login with OAuth, login to Cosmos Server, and choose to include email. Regardless if this is a new user or an existing one, I see the above log for each auth attempt. I've tried different client ID and secrets, same issue.

I ran the OpenID Debugger (https://openidconnect.net/) by setting up a new client and everything comes back valid, so it appears my identity provider is working correctly.

What did you expect to happen?

Successful auth to Audiobookshelf via OpenID.

Steps to reproduce the issue

  1. Create client and secret in Cosmos Server.
  2. Enable OpenID in Audiobookshelf and set values.
  3. Test and confirm error.

Audiobookshelf version

2.10.1

How are you running audiobookshelf?

Docker

What OS is your Audiobookshelf server hosted from?

Linux

If the issue is being seen in the UI, what browsers are you seeing the problem on?

None

Logs

No response

Additional Notes

No response

advplyr commented 3 months ago

Have you tried resetting the server since you saved your OIDC settings?

mandopatriot commented 3 months ago

> Have you tried resetting the server since you saved your OIDC settings?

Thank you! That progressed further and I got a new error that my issuer URL was wrong. I still had https://mydomain/.well-known/openid-configuration as the Issuer. Once I changed that to https://mydomain and restarted the container again everything worked great.

mandopatriot commented 3 months ago

Meant to close, thanks @advplyr
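
The fix reported in this thread was changing the Issuer from the discovery document URL to https://mydomain. The following added example (not Audiobookshelf or Cosmos Server code) shows a pre-save check for that setting; the function names and the sample metadata are assumptions constructed for illustration.

```javascript
const WELL_KNOWN = '/.well-known/openid-configuration';

// Discovery URL a client derives from an issuer (OpenID Connect Discovery 1.0).
function discoveryUrlFor(issuer) {
  return issuer.replace(/\/+$/, '') + WELL_KNOWN;
}

// Check the value typed into an "Issuer URL" field against the provider
// metadata already fetched from the discovery endpoint.
function checkIssuerSetting(configuredIssuer, metadata) {
  const problems = [];
  let url;
  try {
    url = new URL(configuredIssuer);
  } catch {
    return { ok: false, problems: ['issuer is not an absolute URL'] };
  }
  if (url.protocol !== 'https:') problems.push('issuer must use https');
  if (url.search || url.hash) problems.push('issuer must not contain a query or fragment');
  if (url.pathname.replace(/\/+$/, '').endsWith(WELL_KNOWN)) {
    problems.push(`issuer is the discovery document URL; remove the ${WELL_KNOWN} suffix`);
  }
  // Exact string comparison: the ID token "iss" claim is compared the same way,
  // so even a trailing slash counts as a mismatch.
  if (metadata.issuer !== configuredIssuer) {
    problems.push(`metadata issuer "${metadata.issuer}" differs from configured "${configuredIssuer}"`);
  }
  return { ok: problems.length === 0, problems, suggested: metadata.issuer };
}

// Constructed sample metadata, trimmed to the field this check uses.
const sampleMetadata = { issuer: 'https://mydomain' };

// The value from the original report, then the corrected one.
for (const candidate of ['https://mydomain/.well-known/openid-configuration', 'https://mydomain']) {
  const result = checkIssuerSetting(candidate, sampleMetadata);
  console.log(candidate, result.ok ? 'OK' : result.problems);
}
```
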