robrotheram / taiga-contrib-openid-auth

Taiga plugin for openid authentication

Problem when use with Keycloak 12, parameter is scope=User.Read instead of scope=openid #24

Open kappa-wingman opened 3 years ago

kappa-wingman commented 3 years ago

I am using Keycloak 12. When I click the login button, the parameter sent to Keycloak has '&scope=User.Read'. I had already set this in the Taiga main configuration file config.py:

    OPENID_ID_FIELD = "sub"
    OPENID_USERNAME_FIELD = "preferred_username"
    OPENID_FULLNAME_FIELD = "name"
    OPENID_EMAIL_FIELD = "email"
    OPENID_SCOPE="openid email"

I had to manually get the full URI and change it to &scope=openid and it works now.

zamgreg commented 3 years ago

@kappa-wingman Had the same problem. Changed "User.Read" to "openid" here: taiga-contrib-openid-auth/front/dist/openid-auth.js. Worked just fine.

karezza commented 3 years ago

I also ran into this issue and noticed in openid-auth.js it is setting a default value if the variable isn't specified.

Adding the following to /usr/share/nginx/html/conf.json works:

"openidScope": "openid"
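
A check for the behaviour reported in this thread, as an added example that is not part of the issue or the plugin's code: it models the fallback to `User.Read` when `openidScope` is missing from conf.json and verifies that the authorization request carries the `openid` scope. The function names, client ID, hostnames and `response_type` are assumptions made for illustration.

```javascript
// Added example. Function names are hypothetical, not the plugin's own.
const FALLBACK_SCOPE = "User.Read"; // default value reported in this issue

// Scope the front end would send for a given conf.json object:
// the configured openidScope, or the fallback when it is missing or empty.
function effectiveScope(conf) {
  const s = conf && typeof conf.openidScope === "string" ? conf.openidScope.trim() : "";
  return s || FALLBACK_SCOPE;
}

// Build an authorization request so the check can run offline.
// response_type=code is an assumption; the thread only shows the scope parameter.
function buildAuthUrl(authEndpoint, clientId, redirectUri, conf) {
  const u = new URL(authEndpoint);
  u.searchParams.set("response_type", "code");
  u.searchParams.set("client_id", clientId);
  u.searchParams.set("redirect_uri", redirectUri);
  u.searchParams.set("scope", effectiveScope(conf));
  return u.toString();
}

// Parse an authorization URL and report its scopes. An OpenID Connect
// request must list "openid" in the space-delimited scope parameter;
// scope values are case-sensitive.
function checkAuthUrl(authUrl) {
  const params = new URL(authUrl).searchParams; // decodes both %20 and +
  const scopes = (params.get("scope") || "").split(/\s+/).filter(Boolean);
  return { scopes, hasOpenid: scopes.includes("openid") };
}

// Constructed sample values (not taken from a real deployment).
const ENDPOINT =
  "https://keycloak.example.test/auth/realms/demo/protocol/openid-connect/auth";
const REDIRECT = "https://taiga.example.test/login";

// conf.json without openidScope: the request goes out with scope=User.Read.
const brokenUrl = buildAuthUrl(ENDPOINT, "taiga", REDIRECT, {});
// conf.json with the key set, as in the fix from this thread.
const fixedUrl = buildAuthUrl(ENDPOINT, "taiga", REDIRECT, { openidScope: "openid" });

console.log("missing openidScope:", checkAuthUrl(brokenUrl));
console.log("openidScope set:    ", checkAuthUrl(fixedUrl));
```

Running `checkAuthUrl` against the URL copied from the browser's address bar at the Keycloak login page shows which scope the deployed front end actually sends.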