Issues Setting Up OpenID
-
@TheMoodBoardz I guess you are trying to set up a non-Cloudron OIDC provider ? If so, when you install the app, install it with Cloudron SSO disabled i.e "Leave user management to the app" . When you install it that way, Cloudron will leave the OpenID configuration alone.
-
@TheMoodBoardz I guess you are trying to set up a non-Cloudron OIDC provider ? If so, when you install the app, install it with Cloudron SSO disabled i.e "Leave user management to the app" . When you install it that way, Cloudron will leave the OpenID configuration alone.
-
N nebulon marked this topic as a question on
-
@girish Yes that's what I want to do - I've set it to "Leave user management to the app" however it still will remove the config for some reason?
-
@TheMoodBoardz it shouldn't. Just checking if we have some bug in the package.
@girish Ok, Thanks
-
Brilliant, Will give that a go and will come back once I have the results
-
I've tested however though it does not remove it from config - it won't give the option at login via OpenID button. I have also checked my build that does use login via Cloudron and I have realised that never had the button to login via OpenID
-
@TheMoodBoardz could be that your openid configuration is not correct.
The app uses something like this:
<entry key='openid.clientId'>##CLOUDRON_OIDC_CLIENT_ID##</entry> <entry key='openid.clientSecret'>##CLOUDRON_OIDC_CLIENT_SECRET##</entry> <entry key='openid.issuerUrl'>##CLOUDRON_OIDC_ISSUER##</entry> <entry key='openid.authUrl'>##CLOUDRON_OIDC_AUTH_ENDPOINT##</entry> <entry key='openid.tokenUrl'>##CLOUDRON_OIDC_TOKEN_ENDPOINT##</entry> <entry key='openid.userInfoUrl'>##CLOUDRON_OIDC_PROFILE_ENDPOINT##</entry> -
@TheMoodBoardz could be that your openid configuration is not correct.
The app uses something like this:
<entry key='openid.clientId'>##CLOUDRON_OIDC_CLIENT_ID##</entry> <entry key='openid.clientSecret'>##CLOUDRON_OIDC_CLIENT_SECRET##</entry> <entry key='openid.issuerUrl'>##CLOUDRON_OIDC_ISSUER##</entry> <entry key='openid.authUrl'>##CLOUDRON_OIDC_AUTH_ENDPOINT##</entry> <entry key='openid.tokenUrl'>##CLOUDRON_OIDC_TOKEN_ENDPOINT##</entry> <entry key='openid.userInfoUrl'>##CLOUDRON_OIDC_PROFILE_ENDPOINT##</entry>@girish So I am using the same config as you have shown, but it does not give you the option. I have just installed a fresh version and still have the same issue of it not giving you the option to sign in using OpenID
-
@girish I have just rest tested it with coping it like for a working build now, and I now get this error:
<!DOCTYPE><html><head><title>Error</title></head><html><body>500 - Server Error</body></html>
-
Right, I have seen the 500 error when the xml configuration is incorrect somewhere. traccar is not clear at times when giving error messages.
edit: to be clear, even when the values are incorrect. not the xml format/syntax itself.
@girish Yeah it's not very helpful error message.
@nebulon the config is as below (I have removed the actual URLs);
<entry key="openid.clientId">CLIENTID</entry>
<entry key="openid.clientSecret">CLIENTSECRET</entry>
<entry key="openid.issuerUrl">https://DOMAIN/application/o/traccar/</entry>
<entry key="openid.authUrl">https://DOMAIN/application/o/authorize/</entry>
<entry key="openid.tokenUrl">https://DOMAIN/application/o/token/</entry>
<entry key="openid.userInfoUrl">https://DOMAIN/application/o/userinfo/</entry> -
@girish Yeah it's not very helpful error message.
@nebulon the config is as below (I have removed the actual URLs);
<entry key="openid.clientId">CLIENTID</entry>
<entry key="openid.clientSecret">CLIENTSECRET</entry>
<entry key="openid.issuerUrl">https://DOMAIN/application/o/traccar/</entry>
<entry key="openid.authUrl">https://DOMAIN/application/o/authorize/</entry>
<entry key="openid.tokenUrl">https://DOMAIN/application/o/token/</entry>
<entry key="openid.userInfoUrl">https://DOMAIN/application/o/userinfo/</entry>@TheMoodBoardz check the logs for the actual error. It throws an error even when the URLs are unreachable. Like
java.net.ConnectException,java.nio.channels.UnresolvedAddressExceptionetc...Atleast, for me, I could create an OIDC client separately in the User Directory view of Cloudron and then put in the values below and then I get the OIDC login button. Note that if you get even the domain name wrong, it throws an error!
<entry key="openid.clientId">cid-xx</entry> <entry key="openid.clientSecret">yy</entry> <entry key="openid.issuerUrl">https://my.smartserver.io/openid</entry> <entry key="openid.authUrl">https://my.smartserver.io/openid/auth</entry> <entry key="openid.tokenUrl">https://my.smartserver.io/openid/token</entry> <entry key="openid.userInfoUrl">https://my.smartserver.io/openid/me</entry> -
G girish marked this topic as a regular topic on
-
@girish So after running a few tests it seems that Traccar does not like the domain to have a "/" at the end, no error logs to support this, but it does track with what was happening - typically my SSO system will want this, so I have made some changes, and it is all working now.
-
N nebulon marked this topic as a question on
-
N nebulon has marked this topic as solved on
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login