OIDC provider with .well-known/openid-configuration under some path

Question

OIDC provider with .well-known/openid-configuration under some path

jsalatiel opened this issue 8 months ago · comments

Describe the bug

Trying to configure a provider which the .well-known/openid-configuration is not under the root will not work.
Example: Keycloak uses https://mykeycloak.mydomain/auth/realms/myrealm/.well-known/openid-configuration
If I add mykeycloak.mydomain/auth/realms/myrealm/ to the infra-server URL ( Domain ) input field, it will complain with "invalid provider url" even though I can see on my keycloak instance that it tried to get https://meykeycloak.mydomain.com/auth/realms/external/.well-known/openid-configuration and it received a 200 and the JSON response.

Expected behavior

It should work

Environment


 Client: 0.21.0
 Server: 0.21.0

Client Version: version.Info{Major:"1", Minor:"27", GitVersion:"v1.27.6+k3s1", GitCommit:"bd04941a294793ec92e8703d5e5da14107902e88", GitTreeState:"clean", BuildDate:"2023-09-20T23:05:58Z", GoVersion:"go1.20.8", Compiler:"gc", Platform:"linux/amd64"}
Kustomize Version: v5.0.1
Server Version: version.Info{Major:"1", Minor:"27", GitVersion:"v1.27.6+k3s1", GitCommit:"bd04941a294793ec92e8703d5e5da14107902e88", GitTreeState:"clean", BuildDate:"2023-09-20T23:05:58Z", GoVersion:"go1.20.8", Compiler:"gc", Platform:"linux/amd64"}

bare metal

jsalatiel commented 5 months ago

/reopen

stale · Answer 1 · Thu Jan 18 2024 03:36:16 GMT+0800 (China Standard Time)

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

jsalatiel · Answer 2 · Mon Jan 29 2024 01:01:52 GMT+0800 (China Standard Time)

Still relevant.