Has anyone recently configured an OIDC auth provider for HedgeDoc?
-
I have configured HedgeDoc to not use Cloudron for auth and configured an OAuth2 provider, but nothing is working.
I tried using Amazon Cognito and Nextcloud. Each of these are throwing an "Internal Server Error" and the logs aren't meaningful to me.
I'm very knowledge with authN/authZ systems, but the blackbox here for me is HedgeDoc. It almost feels like it's not properly calling the
/tokenendpoint of the IdP correctly. Essentially throwing a 500 error.I followed the instructions here for configuring OAuth2: https://docs.hedgedoc.org/guides/auth/nextcloud/.
I was able to configure using GitHub without an issue following this: https://docs.hedgedoc.org/guides/auth/github/. But, I have no access control (authZ) using GitHub, anyone would be able to sign-in.
Has anyone configured this to use either an OIDC or OAuth2 provider successfully? I did read this post, but this was not helpful for me.
Sample log:
Jan 21 23:44:48 at OAuth2CustomStrategy.callback [as _verify] (/app/code/lib/web/auth/utils.js:10:29) Jan 21 23:44:48 at /app/code/node_modules/passport-oauth2/lib/strategy.js:205:24 Jan 21 23:44:48 at /app/code/lib/web/auth/oauth2/index.js:116:5 Jan 21 23:44:48 at passBackControl (/app/code/node_modules/passport-oauth2/node_modules/oauth/lib/oauth2.js:134:9) Jan 21 23:44:48 at IncomingMessage.<anonymous> (/app/code/node_modules/passport-oauth2/node_modules/oauth/lib/oauth2.js:157:7) Jan 21 23:44:48 at IncomingMessage.emit (node:events:529:35) Jan 21 23:44:48 at endReadableNT (node:internal/streams/readable:1368:12) Jan 21 23:44:48 at process.processTicksAndRejections (node:internal/process/task_queues:82:21) Jan 21 23:44:48 2025-01-22T04:44:48.092Z info: 47.xxx.xxx.xxx - - [22/Jan/2025:04:44:48 +0000] "GET /auth/oauth2/callback?code=01c008f1-6336-4b64-b217-xxxxxxxxxxxxx&state=rv4PzGjH9zNZs450zxxxxxxx HTTP/1.1" 500 148 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"