Project

General

Profile

Bug #28086

Show error on invalid oidc issuer

Added by Nikhil Kathole 6 months ago. Updated 4 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Authentication
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

If a valid issuer is not provided in the Foreman settings, then there is no way a user can understand why SSO failed.

The method `valid_issuer?` in openid_connect.rb checks if a valid issuer is present or not. But if that fails authentication
flow ends with a error saying `SSO failed` but does not specify why.

Steps:
1) Provide a wrong issuer in the Foreman settings.
2) Try to login via SSO.

Reproducible:
Always


Related issues

Related to Foreman - Feature #25809: Keycloak integration with ForemanClosed
Related to Foreman - Tracker #28345: SSO using OpenID ConnectNew

Associated revisions

Revision 029065bb (diff)
Added by Rahul Bajaj 4 months ago

Fixes #28086 - log error on invalid oidc issuer

History

#1 Updated by Nikhil Kathole 6 months ago

  • Category set to Authentication

#2 Updated by Marek Hulán 6 months ago

#3 Updated by The Foreman Bot 5 months ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/7190 added

#4 Updated by The Foreman Bot 4 months ago

  • Fixed in Releases 2.0.0 added

#5 Updated by Rahul Bajaj 4 months ago

  • Status changed from Ready For Testing to Closed

#6 Updated by Tomer Brisker 4 months ago

  • Bugzilla link set to 1772029

#7 Updated by Tomer Brisker 4 months ago

  • Fixed in Releases 1.24.0 added
  • Fixed in Releases deleted (2.0.0)

#8 Updated by Rahul Bajaj 4 months ago

Also available in: Atom PDF