From dfca56678eb89181a972ed8ad8b9a9c1d16d89a0 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <kajinamit@oss.nttdata.com>
Date: Fri, 1 Mar 2024 00:24:17 +0900
Subject: [PATCH] Fix wrong OIDCRedirectURI

The redirect path should not contain /auth/ to be consistent with
the protected endpoint url.

Change-Id: Ia72cff99d28eeb84a0ee273a0fe08ca06bb7a8c4
(cherry picked from commit e15a1698655251ba8569c742325ff2c31e05f348)
---
 templates/openidc.conf.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/openidc.conf.erb b/templates/openidc.conf.erb
index dd6739afa..1d3e11781 100644
--- a/templates/openidc.conf.erb
+++ b/templates/openidc.conf.erb
@@ -43,7 +43,7 @@
   OIDCPassClaimsAs "<%= scope['::keystone::federation::openidc::openidc_pass_claim_as'] %>"
 <%- end -%>
 
-  OIDCRedirectURI "<%= @keystone_url -%>/v3/auth/OS-FEDERATION/identity_providers/<%= scope['keystone::federation::openidc::idp_name']-%>/protocols/openid/auth"
+  OIDCRedirectURI "<%= @keystone_url -%>/v3/OS-FEDERATION/identity_providers/<%= scope['keystone::federation::openidc::idp_name']-%>/protocols/openid/auth"
 
 <%- if scope['::keystone::federation::openidc::openidc_enable_oauth'] -%>
   <%- if scope['keystone::federation::openidc::openidc_verify_method'] == 'introspection' -%>