Open nodens opened 1 year ago
"raise" log level to debug - value 0 in config.php - then you should see more entries in the log.
Thanks!
I'm afraid it was already at 0 in owncloud/config/config.php
though.
I see exactly the same log entries as with 2.1.1 but it stops earlier.
With 2.2.0, after authenticating on the IDP, after the message": "LoginFlowController::login : Token info
log entry, I get a message with the user info which seems to be correct, and then nothing. (app: OpenID
). The "access forbidden" message shows up in the browser, but nothing in the logs.
With 2.1.1, after this message, I get a log entries from the OC\\Authentication\\Token\\DefaultTokenProvider::generateToken
app saying generating token
, then app: OpenID
continue with messages such as access token payload
, RefreshTokenResponse
, and so on.
I can provide the actual logs if you're interested, but I'd need a pgp key to encrypt it or at least a private channel. ;)
adding a bit more info, since it's annoying to downgrade every time I upgrade owncloud now openid is bundled: As far as I can tell, the return is correct, but I always get a 403 (sometimes a 503) with 2.2.0. I'll try to git bisect to get more insight, but since there is no log (and no crash on owncloud side) it's a bit hard to debug.
So the result of the git bisect is that the problem occurs since either [783202d68db66a2a0e97000a3de275f811d70b55] feat: account info auto-update (#222) [2a569b3cc07eb663d1ebf5e74d65c73b04fafa43] feat: Added support for HTTP Proxy (#237)
But those don't give the exact behaviour described in this issue: it give a 500 instead when I log on our IDP (keycloak). the actual issue starts at [94fcbc37d6a697521a2ffa462f758cda1e2ce154]
Hope this helps!
Hi,
We tried upgrading openidconnect on a test instance from 2.1.1 to 2.2.0.
Owncloud version: 10.11.0.6 (community). PHP version: 7.4
We have a minimalist configuration, with keycloak as idp, set in DB.
Values set: provider-url client-id client-secret loginButtonName
After upgrading from market and login out, trying to log back in gives "Access Forbidden":![Screenshot from 2023-02-01 15-49-18](https://user-images.githubusercontent.com/1493095/216075805-071942ec-68d4-4e06-b382-3687271b7a34.png)
The log doesn't show anything wrong, and according to keycloak, access was granted properly.
Downgrading to 2.1.1 makes it functionnal again.
Am I missing something here? Any suggestion?
Thanks!