freeradius-oauth2-perl
freeradius-oauth2-perl copied to clipboard
jimdigriz
FreeRADIUS OAuth2 (OpenID Connect) using rlm_perl
Hello, I keeps getting the following errors when running radiusd -X on AlmaLinux(It's the distro I as IT-admin primarly use in production) and then running radtest: ``` rlm_perl: oauth2 worker...
The README states that only Azure AD supports the Resource Owner Password Credentials Grant, but at least keycloak also supports it. Other IDP's might also support it by now. It...
From https://lists.freeradius.org/pipermail/freeradius-users/2022-March/101576.html by @drthiruna ```(6) oauth2_perl: --> b43401d0-0a12-42fd-a27d-32437248d01b rlm_perl: oauth2 worker (tanuvas.edu.in): supervisor started (tid=1) rlm_perl: oauth2 worker (tanuvas.edu.in): fetching discovery document Waking up in 0.4 seconds. rlm_perl: oauth2 worker...
One user reported the following (though it looks like they are using old/unknown distro provided packaging): ``` # Instantiating module "userlock" from file /etc/freeradius/3.0/mods-enabled/always # Instantiating module "notfound" from file...
[MFA](https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-howitworks) does not work with this project. Turns out if you are using Azure AD Premium you can use a [Conditional Access policy to apply an application exclusion](https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-all-users-mfa#application-exclusions) (as pointed...
So it turns out [my fix for locale massaging](https://github.com/jimdigriz/freeradius-oauth2-perl/commit/17dc93196447548b4dafc171c21ab7c5407018ea) does not properly work: ``` (23) oauth2_perl: $RAD_CONFIG{'OAuth2-Password-Last-Modified'} = &control:OAuth2-Password-Last-Modified -> 'Nov 5 2020 11:31:56 UTC' rlm_perl: oauth2 authorize (23) oauth2_perl:...
Some may find driving a web UI problematic...though we have to provide this anyway for those who prefer it
To avoid the polling and instead get more instant/live data, we can look to use [webhooks](https://docs.microsoft.com/en-us/graph/webhooks) instead. I have only not implemented it as this is very site specific (you...
https://docs.microsoft.com/en-us/graph/best-practices-concept#reliability-and-support
Probably something to fix whilst dealing with https://github.com/jimdigriz/freeradius-oauth2-perl/issues/13 On Mon, 18 Sep 2023, at 19:34, J R wrote: > > I was setting up your code for authentication against Azure...