kubernetes-sigs / aws-load-balancer-controller

A Kubernetes controller for Elastic Load Balancers
https://kubernetes-sigs.github.io/aws-load-balancer-controller/
Apache License 2.0

OIDC: clientSecret not working #3865

Open riqueps opened 5 days ago

riqueps commented 5 days ago

Describe the bug

OIDC client secret is not being properly configured on the ALB listener, which causes a 561 Authentication Error. Via the AWS console, by manually unchecking "Use existing client secret" and adding the secret, the authentication starts working perfectly.

Steps to reproduce

Environment

Additional Context:

Ingress annotations:

  annotations:
    alb.ingress.kubernetes.io/load-balancer-attributes: idle_timeout.timeout_seconds=600
    alb.ingress.kubernetes.io/healthcheck-path: /healthz
    alb.ingress.kubernetes.io/load-balancer-name: idp-loadbalancer
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/ssl-redirect: '443'
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
    alb.ingress.kubernetes.io/subnets: subnet-xxxxx, subnet-yyyy
    alb.ingress.kubernetes.io/certificate-arn: cert_arn
    alb.ingress.kubernetes.io/group.name: alb-group-name
    alb.ingress.kubernetes.io/group.order: '1'
    alb.ingress.kubernetes.io/auth-type: oidc
    alb.ingress.kubernetes.io/auth-idp-oidc: '{"issuer":"https://accounts.google.com","authorizationEndpoint":"https://accounts.google.com/o/oauth2/v2/auth","tokenEndpoint":"https://oauth2.googleapis.com/token","userInfoEndpoint":"https://openidconnect.googleapis.com/v1/userinfo","secretName":"k8s-ecret"}'
    alb.ingress.kubernetes.io/auth-scope: 'profile email openid'
    alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS13-1-2-2021-06

K8s Secret:

apiVersion: v1
kind: Secret
metadata:
  namespace: ns
  name: k8s-sercret
data:
  clientID: base64-value
  clientSecret: base64-value

Listener Screenshots:

[image: listener screenshot]

[image: Screenshot 2024-09-26 183443]
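A pre-flight check for the wiring this report shows, added here as example code that is neither the controller's nor the reporter's: it parses the auth-idp-oidc annotation, resolves secretName in the Ingress namespace (where the controller looks the Secret up), and verifies that the clientID and clientSecret keys are present and decode to non-empty values. The Ingress, Secret names and credential values are constructed placeholders modelled on the report.

```python
import base64
import binascii
import json

ANNOTATION = "alb.ingress.kubernetes.io/auth-idp-oidc"
REQUIRED_KEYS = ("clientID", "clientSecret")  # key names are case-sensitive

# Constructed sample modelled on the report above (endpoint fields omitted,
# credential values are placeholders): the annotation names one Secret while
# the Secret that exists carries a slightly different name.
INGRESS = {
    "metadata": {"namespace": "ns", "name": "idp"},
    "annotations": {ANNOTATION: json.dumps(
        {"issuer": "https://accounts.google.com", "secretName": "k8s-ecret"})},
}
# (namespace, name) -> .data of the Secret, base64-encoded as the API returns it.
SECRETS = {
    ("ns", "k8s-sercret"): {
        "clientID": base64.b64encode(b"example-client-id").decode(),
        "clientSecret": base64.b64encode(b"example-client-secret").decode(),
    },
}

def check_oidc_secret(ingress, secrets):
    """Return a list of problems; empty means the referenced Secret is usable."""
    raw = ingress["annotations"].get(ANNOTATION)
    if raw is None:
        return [f"annotation {ANNOTATION} missing"]
    try:
        cfg = json.loads(raw)
    except json.JSONDecodeError as err:
        return [f"annotation is not valid JSON: {err}"]
    name = cfg.get("secretName")
    if not name:
        return ["secretName missing from annotation"]
    ns = ingress["metadata"]["namespace"]  # Secret must live in the Ingress namespace
    data = secrets.get((ns, name))
    if data is None:
        nearby = sorted(n for s_ns, n in secrets if s_ns == ns)
        return [f"Secret {ns}/{name} not found; Secrets in {ns}: {nearby}"]
    problems = []
    for key in REQUIRED_KEYS:
        try:
            decoded = base64.b64decode(data.get(key, ""), validate=True)
        except binascii.Error:
            problems.append(f"Secret {ns}/{name}: key {key!r} is not valid base64")
            continue
        if not decoded:
            problems.append(f"Secret {ns}/{name}: key {key!r} missing or empty")
    return problems
```

Run against the sample, the check reports the name mismatch and lists the Secrets that do exist in the namespace; against a live cluster the same function can be fed the output of `kubectl get ingress,secret -o json`.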

huangm777 commented 1 day ago

Thanks for your report. We will check it out as soon as we can.

huangm777 commented 1 day ago

/kind bug