Open zyppe opened 1 month ago
@zyppe How is OIDC_ISSUER set in your environment?
# Incorrect
OIDC_ISSUER=https://forgejo.DOMAIN.TLD/.well-known/openid-configuration
OIDC_ISSUER=https://forgejo.DOMAIN.TLD
# Correct
OIDC_ISSUER=https://forgejo.DOMAIN.TLD/
The following error probably occurred internally.
[server] warn: Error while exchanging OIDC code: RPError: iss mismatch, expected https://forgejo.DOMAIN.TLD/, got: https://forgejo.DOMAIN.TLD/.well-known/openid-configuration
I want to connect it, so I added an OAuth2 application in my Forgejo (a gitea's fork), and I add these items in the configuration: OIDC_ISSUER, OIDC_CLIENT_ID, OIDC_CLIENT_SECRET. Then it can show login with SSO and jumped to my Forgejo, but when I login in, it just tell me UNKNOWN ERROR. What items do I ignored? Here is the document about Forgejo as OAuth2 provide: https://docs.gitea.com/development/oauth2-provider