Dear Euler,
you know if posible solve this?
We have the same error, I believe the error is at this point
authentication-oidc.redirect-url
= ${dspace.server.url}/api/authn/oidc when accessing OIDC. I think it is
not able to receive the authentication token from the endpoint.
Sincerelly,
Humberto Blanco
El jueves, 11 de enero de 2024 a la(s) 5:06:25 a.m. UTC-5, euler escribió:
> Hi,
>
> Did you manage to resolve your issue? I am also trying to use OIDC
> authentication using Google. I can confirm that the user was successfully
> logged in to Google when I opened a new tab and went to a Google page.
> However, the UI shows that the user was not authenticated. Looking at the
> log files, here is what I found that could be relevant to why the
> authentication failed:
> 2024-01-11 17:28:28,796 INFO unknown ff975adf-f235-4dbb-a428-9ca9751cdbe7
> org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request
> [GET /server/api/authn/status] originated from
> https://my-domain/server/login.html
> 2024-01-11 17:28:29,019 WARN unknown unknown
> org.dspace.app.rest.exception.DSpaceApiExceptionControllerAdvice @ Access
> is denied. Invalid CSRF token. (status:403 exception: Invalid CSRF Token
> 'null' was found on the request parameter '_csrf' or header 'X-XSRF-TOKEN'.
> at:
> org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:127))
>
> Below is my OIDC Configuration:
> # Settings for OIDC authentication
> authentication-oidc.authorize-endpoint =
> https://accounts.google.com/o/oauth2/v2/auth
> authentication-oidc.token-endpoint = https://oauth2.googleapis.com/token
> authentication-oidc.user-info-endpoint =
> https://openidconnect.googleapis.com/v1/userinfo
> authentication-oidc.redirect-url = ${dspace.server.url}/api/authn/oidc
> authentication-oidc.can-self-register = true
>
> I am using DSpace 7.6.1
>
> Thanks in advance and best regards,
> euler
> On Monday, April 10, 2023 at 9:09:34 AM UTC+8 tarun kumar wrote:
>
>> Dear Sir,
>>
>> I am writing to inquire about an issue we are facing while setting up
>> Dspace Oidc authentication using Google Mail. We have followed the
>> guidelines as instructed in the documentation and updated the
>> authentication-oidc.cfg file with the following values:
>>
>> authentication-oidc.token-endpoint =
>> https://www.googleapis.com/oauth2/v4/token
>> authentication-oidc.authorize-endpoint =
>> https://accounts.google.com/o/oauth2/v2/auth
>> authentication-oidc.user-info-endpoint =
>> https://www.googleapis.com/oauth2/v3/userinfo
>> authentication-oidc.redirect-url = ${dspace.server.url}/api/authn/oidc
>>
>> However, when we click on "login with oidc," we are successfully
>> redirected to the Google page for login. After entering our credentials,
>> the page keeps reloading and goes nowhere. Attaching error screenshot.
>>
>> I would like to request your assistance in resolving the following
>> queries:
>>
>> Is the redirect URL correct, or is there something else that we are
>> missing that needs to be done?
>> After making the above changes in authentication-oidc.cfg and
>> uncommenting in the authentication.cfg, is there anything else that needs
>> to be done?
>> Finally, is it possible to ensure that OIDC request does not request for
>> scope, i.e., by default, the request scope is requested, like email,
>> openid, profile? Is there a way to not request any of the scopes?
>> Thank you for your attention to this matter.
>>
>> Best regards
>> Tarun
>>
>>
>>
>>
--
All messages to this mailing list should adhere to the Code of Conduct:
https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx
---
You received this message because you are subscribed to the Google Groups
"DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/dspace-tech/fb58445f-bbf4-42bb-99d1-058fe2848bdcn%40googlegroups.com.
