internal server error - NoMethodError (undefined method `+' for nil:NilClass)...authorization_url

[fwi27]

Hello

I have some trouble making the plugin work. I have the following error :

Processing by AccountController#oic_login as HTML
   (0.9ms)  SELECT MAX("settings"."updated_on") FROM "settings"
  AnonymousUser Load (0.9ms)  SELECT  "users".* FROM "users" WHERE "users"."type" IN ('AnonymousUser')  ORDER BY "users"."id" ASC LIMIT 1
  Current user: anonymous
   (0.4ms)  BEGIN
  SQL (0.6ms)  INSERT INTO "oic_sessions" ("created_at", "updated_at", "state", "nonce") VALUES ($1, $2, $3, $4) RETURNING "id"  [["created_at", "2017-12-15 20:56:16.409099"], ["updated_at", "2017-12-15 20:56:16.409099"], ["state", "899bd2a7-49e6-4ac0-bfc7-a6f33e64e462"], ["nonce", "d4205b19-059c-43ae-887f-0398a8533296"]]
   (2.5ms)  COMMIT
Completed 500 Internal Server Error in 14ms (ActiveRecord: 5.3ms)

NoMethodError (undefined method `+' for nil:NilClass):
  plugins/redmine_openid_connect/app/models/oic_session.rb:153:in `authorization_url'
  plugins/redmine_openid_connect/lib/redmine_openid_connect/account_controller_patch.rb:61:in `oic_login'
  lib/redmine/sudo_mode.rb:63:in `sudo_mode'

I use a local Keycloak OIDC provider and I provided this URL in the plugin configuration page :

Any idea ?

[avanvucht]

I was getting this error too until I restarted the redmine server. So it looks like that after configuring the OpenID server settings, the redmine server needs to be restarted.

[jcmcken]

I'm hitting this error as well. I've attempted to restart, same result.

[jcmcken]

Turns out I was just using the wrong URL. The URL needs to support the /.well-known/openid-configuration path, which you can test in your browser. So really, the bug is that the plugin throws an unhandled exception when the URL is wrong rather than error appropriately.

[uaqben]

@jcmcken - I have the same error; even though I have the /.well-known/openid-configuration URL specified.

And I've restarted Nginx on several occasions (reason being: it is unclear to me whether redmine's native OpenID feature, Administration/Settings/Authentication/Allow OpenID login and registration, should be activated or turned off when using this plugin)

The OpenID server is a Keycloak instance.

Not sure what else I can try... Any help/guidance welcome!

BTW/FWIW - I have tried both the version of the plugin as hosted here, as well as @jcmcken's fork, with scopes et al.

Environment:
  Redmine version                3.4.4.stable
  Ruby version                   2.4.3-p205 (2017-12-14) [x86_64-linux]
  Rails version                  4.2.8
  Environment                    production
  Database adapter               Mysql2
SCM:
  Git                            2.7.4
  Filesystem                     
Redmine plugins:
  redmine_openid_connect         0.9.3

[jcmcken]

@uaqben If your OIDC config URL is https://example.com/.well-known/openid-configuration, the URL should be set to https://example.com (at least that's what worked for me)

[bcmedeiros]

I had to use the URL without a trailing / as well, otherwise, I would still get an error.

[C0rn3j]

For posterity - Since this is a Keycloak thread, you probably want to use the openid Scope in the plugin settings, and you want to restart Redmine after every change just to be sure you're not hitting a caching issue.

Also I wanted to have both local login and SSO login available, so I hacked the plugin to only use SSO if a special GET parameter is present (opposite of current behavior) and added an extra button to the login form.

https://github.com/C0rn3j/redmine_openid_connect/commit/24d20a248656047e5c41fea9ffe7e5442d0db47b

To get the groups limitation working, you need to create a Group Membership mapper with the Token Claim Name member_of and you need to add an extra slash in the plugin settings as that's how Keycloak sends the group name:

[ghost]

Unfortunately, for some reason it's still failing for me with:

F, [2021-05-27T11:31:33.471675 #1] FATAL -- :
F, [2021-05-27T11:31:33.471740 #1] FATAL -- : NoMethodError (undefined method `+' for nil:NilClass):
F, [2021-05-27T11:31:33.471786 #1] FATAL -- :
F, [2021-05-27T11:31:33.471826 #1] FATAL -- : plugins/redmine_openid_connect/app/models/oic_session.rb:187:in `authorization_url'
plugins/redmine_openid_connect/lib/redmine_openid_connect/account_controller_patch.rb:49:in `oic_login'
lib/redmine/sudo_mode.rb:65:in `sudo_mode'

Whatever configuration I use in plugins/openid section, always getting an error - Internal error url.com/oic/login

[miguemc]

Same error with Redmine 4.2.3

[lmarie23]

Any news on this issue ? I am still encountering it

[MPavleski]

Hello, I think I encountered this issue. To resolve it, I added openid scope explicitly in " OpenID Connect scopes (comma-separated)" settings , in addition to profile and email scopes. Please see the screenshot.

[guoanhao]

你好，我想我遇到了这个问题。为了解决这个问题，我在“OpenID Connect 范围（逗号分隔）”设置中明确添加了openid范围 ，以及配置文件和电子邮件范围。请看截图。

hi，Can your redmine+keycloak work normally，My redmine configuration is the same as yours, but I can't log in，The configuration of keycloak refers to：http://devopsku.be/setup/redmine-keycloak/

redmine 4.2.8 keycloak 18.0.2 Can you help me，thank you！ The error is： 【invalid username or password】