ajnart / homarr

Customizable browser's home page to interact with your homeserver's Docker containers (e.g. Sonarr/Radarr)
https://homarr.dev
MIT License

OIDC Keycloak #2001

Closed P3TP0 closed 5 months ago

P3TP0 commented 5 months ago

Environment

Docker

Version

fix-redirect-oidc

Describe the problem

Greetings!

Please help me figure out how to set up authentication via Keycloak. I created a client in Keycloak and configured everything according to the documentation, but when I try to log in via Keycloak, it redirects to localhost:7575. I tried adding NEXTAUTH_URL, but when I try to log in via Keycloak, it redirects to https://subdomain.example.com/auth/login?callbackUrl=https%3A%2F%2Fsubdomain.example.com%2F&error=OAuthSignin

Here is the docker-compose file:

```yaml
version: '3'
services:
  homarr:
    container_name: homarr
    image: ghcr.io/ajnart/homarr:fix-redirect-oidc
    restart: unless-stopped
    volumes:
```

Here is the .env file:

```
DEFAULT_COLOR_SCHEME=dark
AUTH_PROVIDER=oidc
BASE_URL=subdomain.example.com
AUTH_OIDC_URI=https://keycloak.example.com/realms/myrealm/.well-known/openid-configuration
AUTH_OIDC_CLIENT_ID=homarr
AUTH_OIDC_CLIENT_SECRET=secret
AUTH_OIDC_CLIENT_NAME=SSO
NEXTAUTH_URL=https://subdomain.example.com/
```

Please tell me how to set it up and what am I doing wrong

Logs

```
[next-auth][error][SIGNIN_OAUTH_ERROR] https://next-auth.js.org/errors#signin_oauth_error HTTP 404 Not Found {
  error: {
    message: 'HTTP 404 Not Found',
    stack: 'OPError: HTTP 404 Not Found
        at processResponse (/app/node_modules/openid-client/lib/helpers/process_response.js:38:13)
        at Issuer.discover (/app/node_modules/openid-client/lib/issuer.js:152:20)
        at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
        at async openidClient (/app/node_modules/next-auth/core/lib/oauth/client.js:16:14)
        at async getAuthorizationUrl (/app/node_modules/next-auth/core/lib/oauth/authorization-url.js:70:18)
        at async Object.signin (/app/node_modules/next-auth/core/routes/signin.js:38:24)
        at async AuthHandler (/app/node_modules/next-auth/core/index.js:260:26)
        at async NextAuthApiHandler (/app/node_modules/next-auth/next/index.js:22:19)
        at async auth (/app/.next/server/pages/api/auth/[...nextauth].js:129:12)',
    name: 'OPError'
  },
  providerId: 'oidc',
  message: 'HTTP 404 Not Found'
}
```

Context

No response


github-actions[bot] commented 5 months ago

Hi 👋. Thank you for submitting your first issue to Homarr. Please ensure that you've provided all necessary information. You can use the three dots > Edit button to update your post with additional images and information. Depending on the current volume of requests, the team should get in contact with you shortly.

flwilk commented 5 months ago

Had the same problem at the weekend. You have to create some Client Scopes for homarr in Keycloak:

~openid~

groups

Then you have to map the scopes to the homarr client on keycloak. With this setting I got it to work. 2FA did not work so far...

Perhaps someone could explain why we had to add these scopes? And what information should get mapped to it?

AUTH_OIDC_URI for keycloak should look like this: AUTH_OIDC_URI: "https://mydomain.com/realms/yourRealm"

P3TP0 commented 5 months ago

> Had the same problem at the weekend. You have to create some Client Scopes for homarr in Keycloak: openid groups
>
> Then you have to map the scopes to the homarr client on Keycloak. With this setting I got it to work. 2FA did not work so far...
>
> Perhaps someone could explain why we had to add these scopes? And what information should get mapped to it?
>
> AUTH_OIDC_URI for keycloak should look like this: AUTH_OIDC_URI: "https://mydomain.com/realms/yourRealm"

Wow, thank you so much! Adding client areas and replacing the link to the realm really helped! Closing the topic, the problem has been solved.

flwilk commented 5 months ago

Attention, a mistake: the problem is not the openid scope (this is standard and is therefore not displayed). Please do NOT create the openid scope! Only the "groups" scope is required. This can then be mapped using a Token Mapper (User Realm Role).

The groups scope seems to have been standard in Keycloak until version 23; in version 24 it is not created by default!
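The two fixes in this thread (AUTH_OIDC_URI as the bare realm URL rather than the `.well-known` URL, and a `groups` client scope backed by a realm-role mapper) lend themselves to a small pre-flight check before pointing an app at a realm. The Python below is an added example, not code from Homarr or Keycloak. The realm URL, discovery document and token claims are constructed; the assumption that the app or its client library appends the well-known suffix itself (so a pasted well-known URL becomes a doubled path and a 404) is inferred from the OPError in the logs above, not stated by the project.

```python
"""Constructed OIDC pre-flight checks (added example, not Homarr's or Keycloak's code).

Two things the thread turns on:
  * AUTH_OIDC_URI must be the realm (issuer) URL. The client library, or the app
    wrapping it, appends /.well-known/openid-configuration itself; pasting the
    full well-known URL yields a doubled path and a 404 (assumption, consistent
    with the OPError in the logs).
  * The `groups` scope only does something if the provider advertises it and a
    mapper actually fills the claim; otherwise the token simply lacks it.
"""
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"


def normalize_issuer(configured: str) -> str:
    """Return the bare issuer URL, tolerating a trailing slash or a pasted
    well-known suffix. Refuse non-https issuers: discovery over plain HTTP lets
    a network attacker swap endpoints and signing keys."""
    base = configured.strip().rstrip("/")
    if base.endswith(WELL_KNOWN):
        base = base[: -len(WELL_KNOWN)].rstrip("/")
    if urlsplit(base).scheme != "https":
        raise ValueError(f"issuer must use https: {configured!r}")
    return base


def discovery_url(configured: str, strip_suffix: bool = True) -> str:
    """URL a client library would fetch. strip_suffix=False reproduces the naive
    'append blindly' behaviour that produced the 404 in the issue."""
    base = normalize_issuer(configured) if strip_suffix else configured.rstrip("/")
    return base + WELL_KNOWN


ENDPOINTS = ("authorization_endpoint", "token_endpoint", "userinfo_endpoint", "jwks_uri")


def check_discovery(configured: str, doc: dict, required_scopes=("openid", "groups")) -> list:
    """Problems found in a discovery document before trusting it:
    - `issuer` in the document must equal the configured issuer (OIDC Discovery
      requires this; it catches wrong-realm and issuer mix-up misconfigurations),
    - every endpoint must be present and https,
    - each scope the app will request must be advertised (Keycloak 24 no longer
      ships a `groups` client scope by default)."""
    issuer = normalize_issuer(configured)
    problems = []
    if doc.get("issuer") != issuer:
        problems.append(f"issuer mismatch: document {doc.get('issuer')!r} != configured {issuer!r}")
    for key in ENDPOINTS:
        ep = doc.get(key)
        if not ep:
            problems.append(f"missing {key}")
        elif urlsplit(ep).scheme != "https":
            problems.append(f"{key} is not https: {ep}")
    advertised = set(doc.get("scopes_supported", []))
    for scope in required_scopes:
        if scope not in advertised:
            problems.append(f"scope {scope!r} not advertised by provider")
    return problems


def groups_from_claims(claims: dict, claim_name: str = "groups") -> list:
    """Group/role list a realm-role mapper writes into the token. A missing claim
    means the scope was not requested, not assigned to the client, or has no mapper."""
    value = claims.get(claim_name)
    if value is None:
        raise KeyError(f"no {claim_name!r} claim: scope not mapped or not requested")
    return [value] if isinstance(value, str) else list(value)


# Constructed sample data (hypothetical realm; real documents carry more fields).
ISSUER = "https://keycloak.example.com/realms/myrealm"
SAMPLE_DISCOVERY = {
    "issuer": ISSUER,
    "authorization_endpoint": ISSUER + "/protocol/openid-connect/auth",
    "token_endpoint": ISSUER + "/protocol/openid-connect/token",
    "userinfo_endpoint": ISSUER + "/protocol/openid-connect/userinfo",
    "jwks_uri": ISSUER + "/protocol/openid-connect/certs",
    "scopes_supported": ["openid", "profile", "email", "roles"],
}
SAMPLE_CLAIMS = {"sub": "f3c2a1", "preferred_username": "alice", "groups": ["admin", "homarr-users"]}

if __name__ == "__main__":
    print("pasted well-known, appended blindly:", discovery_url(ISSUER + WELL_KNOWN, strip_suffix=False))
    print("normalised:", discovery_url(ISSUER + WELL_KNOWN))
    for p in check_discovery(ISSUER, SAMPLE_DISCOVERY):
        print("problem:", p)
    print("groups:", groups_from_claims(SAMPLE_CLAIMS))
```

Run against the sample data, the only finding is that `groups` is not in `scopes_supported`, which is exactly the Keycloak 24 situation described in the comment above: the app can request the scope, but until the client scope exists, is assigned to the client, and carries a mapper, the claim never arrives. The issuer-equality check is worth keeping in real code too; a discovery document whose `issuer` differs from the URL you fetched it from is either a wrong realm or something you should not be talking to.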