Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

welknown and supported response types #704

Closed
pniederlag opened this issue Jun 21, 2024 · 1 comment · Fixed by #706
Closed

welknown and supported response types #704

pniederlag opened this issue Jun 21, 2024 · 1 comment · Fixed by #706

Comments

@pniederlag
Copy link
Contributor

pniederlag commented Jun 21, 2024
edited
Loading

I tried to use mock-oauth2-server as "provider" for automated testing of an apache-setup with https://github.com/OpenIDC/mod_auth_openidc/tree/master

Would this be a valid use-case for mock-oauth2-server?

Currently I am stuck at the apache module logging this error:

auth_openidc:error oidc_metadata_provider_is_valid: could not find a supported response type in provider metadata ((null)) for entry "response_types_supported"

The json from the wellknown-endpoint is received, but mod_auth_openidc seems to miss some piece... :-<
@pniederlag
Copy link
Contributor Author

Digging further into .well-known and openid-configuration options I discover there are two properties

response_modes_supported and response_types_supported

https://github.com/OpenIDC/mod_auth_openidc/blob/master/auth_openidc.conf

Digging through some public openidc endpoints it seems 'response_types_support' and 'response_modes_supported' yield:

 curl -sS https://sso.redhat.com/auth/realms/redhat-external/.well-known/openid-configuration | jq '.response_types_supported, .response_modes_supported'
[
  "code",
  "none",
  "id_token",
  "token",
  "id_token token",
  "code id_token",
  "code token",
  "code id_token token"
]
[
  "query",
  "fragment",
  "form_post",
  "query.jwt",
  "fragment.jwt",
  "form_post.jwt",
  "jwt"
]

So I assume the well-known endpoint should probably be configured in a similar way?

pniederlag added a commit to datenbetrieb/mock-oauth2-server that referenced this issue Jun 21, 2024
@pniederlag
fix: extend wellknown return values (navikt#704)
d56ba2a 
* response_types_supported
* response_modes_supported
@tommytroen tommytroen linked a pull request Jun 27, 2024 that will close this issue
fix: extend wellknown return values (#704) #706
Merged
tommytroen pushed a commit that referenced this issue Jun 27, 2024
@pniederlag
fix: extend wellknown return values (#704) (#706)
7412919 
* response_types_supported
* response_modes_supported
pniederlag added a commit to datenbetrieb/mock-oauth2-server that referenced this issue Jun 27, 2024
@pniederlag
Followup navikt#704 doc changes for response_types_supported
b766bfe 
align README with updated behaviour
pniederlag added a commit to datenbetrieb/mock-oauth2-server that referenced this issue Jun 27, 2024
@pniederlag
Followup navikt#704 doc changes for response_types_supported
85c64ac 
align README with updated behaviour
pniederlag added a commit to datenbetrieb/mock-oauth2-server that referenced this issue Jun 27, 2024
@pniederlag
Followup navikt#704 doc changes for response_types_supported
01c6c6c 
align README with updated behaviour
tommytroen pushed a commit that referenced this issue Jun 27, 2024
@pniederlag
Followup #704 doc changes for response_types_supported (#710)
f0d803c 
align README with updated behaviour
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: extend wellknown return values (#704) datenbetrieb/mock-oauth2-server
1 participant
@pniederlag