greenlight icon indicating copy to clipboard operation
greenlight copied to clipboard
verified publisher icon bigbluebutton

ADFS as OpenID Connect

Open ZAZmaster opened this issue 1 year ago • 2 comments

Hello! I try to configure ADFS as OpenID Connect. Config:

OPENID_CONNECT_CLIENT_ID=_ADFS_GENERATED_UUID_
OPENID_CONNECT_CLIENT_SECRET=_ADFS_GENERATED_SECRET_
OPENID_CONNECT_ISSUER=https://adfs.example.com/adfs
OPENID_CONNECT_REDIRECT=https://greenlight.example.com
OPENID_CONNECT_UID_FIELD=sub

When try to authorize has error:

greenlight-v3    | D, [2024-03-29T09:05:35.054054 #1] DEBUG -- omniauth: (openid_connect) Request phase initiated.
greenlight-v3    | D, [2024-03-29T09:05:37.480569 #1] DEBUG -- omniauth: (openid_connect) Callback phase initiated.
greenlight-v3    | E, [2024-03-29T09:05:37.956348 #1] ERROR -- : [5ab67d51-9ce9-45e3-9aa9-1d0ebdd8f3c1] Error during authentication: undefined method `downcase' for nil:NilClass

With LOG_LEVEL=debug - no more information (stack trace for example)

ZAZmaster avatar Mar 29 '24 09:03 ZAZmaster

We have the same problem with our OpenID Connect Provider. Presumably this is a general problem of Greenlight with the OpenID Connect implementation.

nisutec avatar Apr 04 '24 07:04 nisutec

corresponding source code;

https://github.com/bigbluebutton/greenlight/blob/77873eb2917ae45b13aa88482be12a69ccbd9202/app/controllers/external_controller.rb#L86

did you setup an email for the user? personal i had issues (with keycloak as openid provider), without setting an email for the user.

ben-ba avatar Jul 18 '24 09:07 ben-ba