Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OIDC login with keycloak failed #1779

Open
prompt-bot opened this issue Nov 23, 2023 · 4 comments
Open

OIDC login with keycloak failed #1779

prompt-bot opened this issue Nov 23, 2023 · 4 comments

Comments

@prompt-bot
Copy link

配置如下
Enable = true
DisplayName = '[OIDC]'
RedirectURL = 'https://xxxx.xxxx/callback'
SsoAddr = 'https://xxxx.xxxx.com/realms/xxxx'
ClientId = 'xxxx'
ClientSecret = 'xxx'
CoverAttributes = true
DefaultRoles = ['Standard']

[Attributes]
Nickname = 'preferred_username'
Email = 'email'

可以正常跳转 但是会错误 oauth2: "invalid_grant" "Code not valid"
也就是code换token步骤 在keycloak日志中可以看到 Nightingale 发起了两次code 换token请求
image
@sofia-lrf
Copy link

我这边也遇到了这个问题,请问后续有解决嘛

@sofia-lrf
Copy link

{
"err": "sso_exchange_user fail. code:glmoMk, error:failed to exchange token: oauth2: server response missing access_token"
}

@sofia-lrf
Copy link

image

@UlricQin
Copy link
Member

社区里谁对 kecloak 比较熟可以给看看,在其他的 SSO Server 里是可以跑通的,按理说 OIDC 是标准协议,应该一个跑通其他都可以跑通。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@UlricQin @prompt-bot @sofia-lrf