OIDC Auth Method with Azure AD not working after upgrading to newest Boundary

Open michaeljluo opened this issue 1 year ago • 3 comments
Describe the bug

Hello, I am trying to upgrade my Boundary version from 0.16.0 to 0.17.0. I merged updated code from the Boundary repo, and ran commands to migrate the Boundary Postgres database to the new version. So far everything is functional except for logging in with the OIDC auth method. I'm using an auth method with Azure Active Directory as my IdP and it produces this error whenever I try to log in:

Error

Could not authenticate

Something went wrong while authenticating. Please close this window and try again. If the problem persists, notify your administrator.

link:

...authentication-error?error=%7B%22kind%22%3A%22Internal%22%2C%22message%22%3A%22authmethod_service.%28Service%29.authenticateOidcCallback%3A+Callback+validation+failed.%3A+parameter+violation%3A+error+%23100%3A+oidc.Callback%3A+unable+to+get+user+info+from+provider%3A+unknown%3A+error+%230%3A+Provider.UserInfo%3A+provider+UserInfo+request+failed%3A+Get+%5C%22https%3A%2F%2Fgraph.microsoft.com%2Foidc%2Fuserinfo%5C%22%3A+EOF%22%7D

To Reproduce

Steps to reproduce the behavior:

  1. Current Boundary Version: 0.16.0 running in K8s
  2. Ran database migrate from hashicorp/boundary:0.17 - DB Migration completed successfully
  3. Started the controller pods w/ boundary:0.17 – Running
  4. For existing (and new) OIDC Auth setup (Set up OIDC for Azure IdP), login fails with this error

Expected behavior

The login should pull identity information from Azure AD and authenticate me correctly.

Additional context

The Azure AD application registration we used is working fine with version 0.16.0 of Boundary.

michaeljluo avatar Aug 21 '24 21:08 michaeljluo
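
Added example (not part of the original issue and not Boundary's own code): a Python helper that decodes the `error` query parameter of the link quoted in the issue and splits the wrapped message into its frames, so the innermost failure (the GET to the provider's UserInfo endpoint ending in `EOF`) can be read directly. The function names are hypothetical; the link is the one posted above, with its host elided as in the issue.

```python
import json
import re
from urllib.parse import parse_qs

# Error link as quoted in the issue; the leading "..." is elided there as well.
LINK = (
    "...authentication-error?error=%7B%22kind%22%3A%22Internal%22%2C%22message%22%3A%22"
    "authmethod_service.%28Service%29.authenticateOidcCallback%3A+Callback+validation+failed.%3A+"
    "parameter+violation%3A+error+%23100%3A+oidc.Callback%3A+unable+to+get+user+info+from+provider"
    "%3A+unknown%3A+error+%230%3A+Provider.UserInfo%3A+provider+UserInfo+request+failed%3A+"
    "Get+%5C%22https%3A%2F%2Fgraph.microsoft.com%2Foidc%2Fuserinfo%5C%22%3A+EOF%22%7D"
)


def decode_error_link(link):
    """Return (kind, message) from the URL-encoded JSON in the `error` parameter."""
    # Split by hand: the host is elided, so this is not a full URL.
    query = link.partition("?")[2]
    values = parse_qs(query).get("error")
    if not values:
        raise ValueError("link carries no 'error' query parameter")
    payload = json.loads(values[0])
    return payload.get("kind", ""), payload.get("message", "")


def error_chain(message):
    """Split a wrapped error message into frames, outermost first."""
    return [frame for frame in message.split(": ") if frame]


def failed_request(message):
    """Return (method, url, cause) for the innermost failed HTTP request, or None."""
    match = re.search(r'\b(Get|Post|Put|Head) "([^"]+)": (.+)$', message)
    return match.groups() if match else None


if __name__ == "__main__":
    kind, message = decode_error_link(LINK)
    print("kind:", kind)
    for depth, frame in enumerate(error_chain(message)):
        print("  " * depth + frame)
    print("failed request:", failed_request(message))
```
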