dominik-th / matomo-plugin-LoginOIDC

external authentication services for matomo
https://plugins.matomo.org/LoginOIDC/
GNU General Public License v3.0

Matomo LoginOIDC + Azure AD = Unexpected response from OAuth service. #6

Closed DeamonMV closed 5 years ago

DeamonMV commented 5 years ago

Hello.

I have installed Matomo v3.9.1 on my own server. I also have Azure AD, in which I created a new "App registration".

Matomo is configured this way:

Microsoft Azure AD

Authorize URL: https://login.microsoftonline.com/{tenant_id}/oauth2/authorize
Token URL: https://login.microsoftonline.com/{tenant_id}/oauth2/token
Userinfo URL: https://login.microsoftonline.com/{tenant_id}/openid/userinfo
Userinfo ID: sub
OAuth Scopes: openid
Redirect URI Override*: http(s)://<YOUR_MATOMO_INSTALLATION>/oidc/callback

As the client ID I use the Application (client) ID. For the Client Secret, I created a secret in my Matomo app > Certificates & secrets > Client secrets.

When I press to log in via OAuth, I am redirected to the Microsoft login page. If I enter a password, I get this error: User not found. OAuth registrations are not supported.

If I return to the previous step (inside this webpage), I can see an error from the MS login side, which tells me: Message: %SOMENUMBER%: The endpoint only accepts POST requests. Received a GET request.

Can you help me, if it's within your competence?

DeamonMV commented 5 years ago

BTW, today I updated Matomo to version 3.10.0 and got this:


```
Please contact the system administrator, or login to Matomo to learn more.

If you are Super User, but cannot login because of this error, you can still troubleshoot further. Follow these steps:
1) open the config/config.ini.php file and look for the salt value under [General].
2) edit this current URL you are viewing and add the following text (replacing salt_value_from_config by the salt value from the config file):

index.php?i_am_super_user=salt_value_from_config&....
```

dominik-th commented 5 years ago

Hi there!

Right now this plugin is not meant to fully replace Matomo's internal user management. You still have to create users in the administrator control panel and the users have to link their Matomo account with their Azure account.

Users can link their accounts on this page: https:///index.php?module=UsersManager&action=userSettings&idSite=1&period=range&date=last30 and log in with the Azure account afterwards.

I don't know about the issue you have with 3.10.0. I upgraded my instance and it's working fine. When does it occur?

DeamonMV commented 5 years ago

Hello) Thank you for the reply.

I can't reproduce all the steps, but when I did "Link Account" I had almost completed the connection, and on the final step something went wrong. And now when I press "Link Account" I'm getting this:

```
A fatal error occurred
The following error just broke Matomo (v3.10.0):

Call to undefined function Piwik\Plugins\LoginOIDC\curl_init()
in /var/www/matomo/plugins/LoginOIDC/Controller.php line 182
Troubleshooting
Follow these steps to solve the issue or report it to the team:
If you have just updated Matomo to the latest version, please try to restart your web server. This will clear the PHP opcache which may solve the problem.
If this is the first time you see this error, please try refresh the page.
If this error continues to happen, we appreciate if you send the error report to the Matomo team.
If this error continues to happen you may want to send an error report to your system administrator.

If you are Super User, but cannot login because of this error, you can still troubleshoot further. Follow these steps:
1) open the config/config.ini.php file and look for the salt value under [General].
2) edit this current URL you are viewing and add the following text (replacing salt_value_from_config by the salt value from the config file):

index.php?i_am_super_user=salt_value_from_config&....
```

dominik-th commented 5 years ago

Your PHP installation is missing the php-curl extension.

https://stackoverflow.com/questions/33775897/how-do-i-install-the-ext-curl-extension-with-php-7
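
The diagnosis above, as an added example that is not part of the thread or the plugin's code: a small triage script that reads a PHP "undefined function" error, strips the namespace PHP prepends to the name, and suggests the missing extension. The names `diagnose`, `extension_for` and `PREFIX_TO_EXTENSION` are hypothetical, and the prefix map is an illustrative subset.

```python
import re

# Constructed sample: the fatal error text quoted in the thread above.
SAMPLE = r"""A fatal error occurred
Call to undefined function Piwik\Plugins\LoginOIDC\curl_init()
in /var/www/matomo/plugins/LoginOIDC/Controller.php line 182
"""

# Assumption: illustrative subset of function-name prefixes and the
# PHP extension that provides them; not an exhaustive list.
PREFIX_TO_EXTENSION = {
    "curl_": "curl",
    "mb_": "mbstring",
    "openssl_": "openssl",
    "json_": "json",
    "simplexml_": "simplexml",
}

# PHP resolves an unqualified call inside a namespace against that
# namespace first, then the global scope. When neither exists, the error
# names the namespaced form, so the plugin namespace here is a red herring.
UNDEFINED_FN = re.compile(
    r"Call to undefined function ((?:[A-Za-z_]\w*\\)*)([A-Za-z_]\w*)\(\)"
)

def extension_for(func):
    """Map a bare function name to a likely extension, or None."""
    name = func.lower()  # PHP function names are case-insensitive
    for prefix, ext in PREFIX_TO_EXTENSION.items():
        if name.startswith(prefix):
            return ext
    return None

def diagnose(error_text):
    """Return one finding per 'undefined function' error in the text."""
    findings = []
    for m in UNDEFINED_FN.finditer(error_text):
        namespace, func = m.group(1).rstrip("\\"), m.group(2)
        findings.append({
            "function": func,
            "reported_namespace": namespace or None,
            "missing_extension": extension_for(func),
        })
    return findings

if __name__ == "__main__":
    for finding in diagnose(SAMPLE):
        print(finding)
```
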

DeamonMV commented 5 years ago

Many thanks! It's resolved my problem.

BTW: how can I ask you or create a PR about adding some additional information on configuring Azure to make it work with LoginOIDC?

dominik-th commented 5 years ago

Yes, please! Pull requests are always welcome