openstack/puppet-keystone
Code Issues Proposed changes

Fix wrong OIDCRedirectURI

Browse Source 
The redirect path should not contain /auth/ to be consistent with
the protected endpoint url.

Change-Id: Ia72cff99d28eeb84a0ee273a0fe08ca06bb7a8c4
(cherry picked from commit e15a169865)
(cherry picked from commit dfca56678e)
This commit is contained in:
Takashi Kajinami
2024-03-01 00:24:17 +09:00
committed by Tobias Urdin
parent d02d94c544
commit c0d43e3e17
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
templates/openidc.conf.erb
View File

@@ -43,7 +43,7 @@
OIDCPassClaimsAs "<%= scope['::keystone::federation::openidc::openidc_pass_claim_as'] %>"
<%- end -%>
OIDCRedirectURI "<%= @keystone_url -%>/v3/auth/OS-FEDERATION/identity_providers/<%= scope['keystone::federation::openidc::idp_name']-%>/protocols/openid/auth"
OIDCRedirectURI "<%= @keystone_url -%>/v3/OS-FEDERATION/identity_providers/<%= scope['keystone::federation::openidc::idp_name']-%>/protocols/openid/auth"
<%- if scope['::keystone::federation::openidc::openidc_enable_oauth'] -%>
<%- if scope['keystone::federation::openidc::openidc_verify_method'] == 'introspection' -%>