Hi, for information, OAuth 2 with Microsoft O365 works a bit with the authentication source "pinterest". Authentication works, but the username is not recognized by PacketFence.
It can be a parameter in this file: /usr/local/pf/html/captive-portal/lib/captiveportal/PacketFence/DynamicRouting/Module/Authentication/OAuth/pinterest.pm

If anyone can help me... Thank you,
Brendan

From: Brendan Gravé
Sent: Tuesday, March 19, 2019 11:55
To: '[email protected]' <[email protected]>
Subject: oauth openid microsoft 365

Hi,

I'm trying to run OpenID OAuth with Microsoft 365. Here is my latest authentication.conf:

[Microsoft O365]
client_secret=XXXXXXX
description=Microsoft 0365
local_account_logins=0
client_id= XXXXXXXXXX
access_token_path=/common/oauth2/token
create_local_account=no
protected_resource_url= https://graph.windows.net
authorize_path=/common/oauth2/authorize
site=https://login.microsoftonline.com
set_access_level_action=
type=openid
domains=*.msappproxy.net account.activedirectory.windowsazure.com accounts.accesscontrol.windows.net adminwebservice.microsoftonline.com api.login.microsoftonline.com api.passwordreset.microsoftonline.com autologon.microsoftazuread-sso.com becws.microsoftonline.com clientconfig.microsoftonline-p.net companymanager.microsoftonline.com device.login.microsoftonline.com graph.microsoft.com graph.windows.net hip.microsoftonline-p.net hipservice.microsoftonline.com login.microsoft.com login.microsoftonline.com login.microsoftonline-p.com login.windows.net logincert.microsoftonline.com loginex.microsoftonline.com login-us.microsoftonline.com nexus.microsoftonline-p.com passwordreset.microsoftonline.com provisioningapi.microsoftonline.com *.adhybridhealth.azure.com *.blob.core.windows.net *.microsoftonline.com *.microsoftonline-p.com *.microsoftonline-p.net *.msauth.net *.msauthimages.net *.msecnd.net *.msftauth.net *.msftauthimages.net *.phonefactor.net *.queue.core.windows.net *.servicebus.windows.net *.table.core.windows.net *.windows.net management.azure.com policykeyservice.dc.ad.msft.net secure.aadcdn.microsoftonline-p.com login.live.com
scope=openid
redirect_url=https://XXXXXX/oauth2/callback

[Microsoft O365]
action0=set_role=default
match=all
class=authentication
action1=set_access_duration=12h

I'm always getting this error:

OAuth2 Error : Failed to validate the token, please retry

I tried a lot of settings; I do not know what to put in scope or in protected_resource_url. I could reduce domains, but it's for testing. OAuth works perfectly with Google.

Sorry for my poor English.

Thanks,
Brendan
