OIDC not redirecting back to XO

maxcerny

@olivierlambert I was able to get some logs from xen orchestra.

Expected values to be strictly equal:
+ actual - expected

+ 'undefined'
- 'string'

But no additional information.

olivierlambert

Ah! That's interesting

Ping @julien-f

maxcerny

@olivierlambert could you point me in the keycloak configuration direction?

olivierlambert

See https://xen-orchestra.com/blog/xen-orchestra-5-80/

julien-f

@maxcerny I believe the username field is incorrect, it should be one of displayName, username or email).

Make sure your plugin is up-to-date because it is documented.

maxcerny

@julien-f tried it, no dice

Also according to the authelia docs: https://www.authelia.com/integration/openid-connect/introduction/#profile

the claim is preferred_username

julien-f

@maxcerny username is preferred_username in XO.

We weren't explicitly using the profile scope, please test the oidc-scope-profile branch.

maxcerny

@julien-f yes, this branch works.
guess it was a scoping issue then.

When about can I expect an update to the master branch? I'm currently running xo in docker and don't really want to glue together different plugin versions.

maxcerny

@julien-f just a clarification, it works with username, not preferred username

julien-f

@maxcerny I've made some changes to make scopes configurable, if you could test it to make sure it works, that would be great. (same branch, commit da14bab)

julien-f

@maxcerny Have you been able to test the latest version?

julien-f

The fix is now merged on master and will be part of the next release.