Auth::OpenIDConnect redirects in a loop when invalid JSON metadata is provided
Concerned version
Version: 2.0.14
Summary
- Set auth to OIDC
- Configure an OP such as https://oidctest.wsweet.org/.well-known/openid-configuration
- Introduce a fatal syntax error while copy/pasting the JSON metadata: missing }, invalid character, extra ", etc.
Logs
[debug] OpenID Provider op-example choosen
[debug] Build OpenIDConnect AuthN Request
[debug] OpenIDConnect Authorization Code Flow Authn Request: ?response_type=code&client_id=private&scope=openid+profile&redirect_uri=http%3A%2F%2Fauth.lemontest.lxd%2F%3Fopenidconnectcallback%3D1&state=1645480122_63639&nonce=1645480122_47911
[debug] Redirect user to ?response_type=code&client_id=private&scope=openid+profile&redirect_uri=http%3A%2F%2Fauth.lemontest.lxd%2F%3Fopenidconnectcallback%3D1&state=1645480122_63639&nonce=1645480122_47911
(notice the missing beginning of the URL, meaning LLNG redirects to itself)
Possible fixes
Do not load the OP if its JSON metadata is invalid
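
One way to implement this check, as an added example (not LemonLDAP::NG's own code): parse each OP's metadata up front and skip any OP whose JSON does not decode. It goes one step beyond the fix proposed above by also rejecting metadata without an absolute `authorization_endpoint`, since an empty endpoint is what produces the relative redirect seen in the logs. The function name `load_valid_ops`, the OP names and the `op.example` URLs are assumptions made for the illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use JSON::PP qw(decode_json);

# Hypothetical helper (not an LLNG function): parse each OP's metadata and
# keep only OPs whose authorization_endpoint is an absolute http(s) URL.
# Returns (\%loaded, \%rejected), where %rejected maps OP name => reason.
sub load_valid_ops {
    my ($raw) = @_;    # hashref: OP name => metadata JSON string
    my ( %loaded, %rejected );
    for my $op ( sort keys %$raw ) {
        # decode_json dies on malformed input; eval turns that into undef
        my $meta = eval { decode_json( $raw->{$op} ) };
        if ( !defined($meta) or ref($meta) ne 'HASH' ) {
            $rejected{$op} = 'metadata is not a valid JSON object';
            next;
        }
        my $ep = $meta->{authorization_endpoint};
        if ( !defined($ep) or ref($ep) or $ep !~ m{^https?://[^/\s]+}i ) {
            $rejected{$op} = 'authorization_endpoint missing or not absolute';
            next;
        }
        $loaded{$op} = $meta;
    }
    return ( \%loaded, \%rejected );
}

# Constructed sample input: one well-formed OP, one whose closing brace was
# lost in a copy/paste, and one that parses but lacks the endpoint.
my %conf = (
    'op-good' =>
'{"issuer":"https://op.example","authorization_endpoint":"https://op.example/authorize"}',
    'op-broken' =>
'{"issuer":"https://op.example","authorization_endpoint":"https://op.example/authorize"',
    'op-empty' => '{"issuer":"https://op.example"}',
);

my ( $loaded, $rejected ) = load_valid_ops( \%conf );
print "loaded: $_\n" for sort keys %$loaded;
print "rejected: $_ ($rejected->{$_})\n" for sort keys %$rejected;
```

Rejected OPs should be logged at error level and left out of the provider list, so that a broken entry cannot be chosen.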