openid-connect-generic
Bad user claim
Just started to test this plugin and I noticed it has not been updated in a little while. But I am getting the error below when I try and hit my test site.
object(WP_Error)#1285 (2) { ["errors"]=> array(1) { ["bad-claim"]=> array(1) { [0]=> string(14) "Bad user claim" } }
I may have discovered the issue.
$response = wp_remote_get( $this->endpoint_userinfo, $request ); was coded as wp_remote_post which seemed to have been trying to post to our IDP rather than GET. I have no idea if this will help anyone but that's how I fixed my issue. Along with this I had to define a couple extra scopes in the plugin settings to work with my IDP.
I issued an MR. Sorta surprised that no one else hit this? I tried to configure with my IDP today (Beyond Identity, passwordless) and couldn't get past "invalid user claim". Anyway, please check out the MR I linked to fix this simple issue, it's a 1-liner.
I'm closing this issue as this is a problem with the IDP not following the specs: https://openid.net/specs/openid-connect-core-1_0.html#UserInfo
The UserInfo Endpoint MUST support the use of the HTTP GET and HTTP POST methods defined in RFC 2616 [RFC2616].
The Client sends the UserInfo Request using either HTTP GET or HTTP POST.
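A diagnostic sketch for the disagreement in this thread, added here as an example and not taken from the plugin or from any commenter: it sends the UserInfo request with a Bearer token using both GET and POST and reports which methods the endpoint accepts and whether the required sub claim comes back. The mock IdP (GET only), the token value, and the names probe_userinfo and run_demo are constructed for illustration.

```python
import json, threading, urllib.error, urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

TOKEN = "constructed-access-token"  # constructed sample value, not a real token

class GetOnlyUserInfo(BaseHTTPRequestHandler):
    """Constructed mock IdP: serves GET /userinfo, answers POST with 405."""
    def do_GET(self):
        ok = self.headers.get("Authorization") == f"Bearer {TOKEN}"
        body = json.dumps({"sub": "user-123"}).encode() if ok else b""
        self.send_response(200 if ok else 401)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def do_POST(self):
        self.send_response(405)
        self.send_header("Content-Length", "0")
        self.end_headers()

    def log_message(self, *args):  # keep the demo output quiet
        pass

def probe_userinfo(url, token):
    """Return {method: (status, has_sub)} for GET and POST UserInfo requests."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    results = {}
    for method in ("GET", "POST"):
        req = urllib.request.Request(
            url, method=method, data=b"" if method == "POST" else None,
            headers={"Authorization": f"Bearer {token}"})
        try:
            with opener.open(req, timeout=5) as resp:
                claims = json.loads(resp.read() or b"{}")
                results[method] = (resp.status, "sub" in claims)
        except urllib.error.HTTPError as err:
            results[method] = (err.code, False)
    return results

def run_demo():
    with HTTPServer(("127.0.0.1", 0), GetOnlyUserInfo) as server:
        threading.Thread(target=server.serve_forever, daemon=True).start()
        try:
            return probe_userinfo(f"http://127.0.0.1:{server.server_port}/userinfo", TOKEN)
        finally:
            server.shutdown()

if __name__ == "__main__":
    print(run_demo())
```

A result where one method returns a non-200 status or lacks sub identifies an endpoint that a client using that method will fail against.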