Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

interop with

See original GitHub issue

Thanks for django-oidc-provider, it is amazing.

I’m trying to use it with lua-resty-openidc which performs the following requests

GET /authorize?scope=code%20id_token&client_id=471746&state=4211b60d068bc9419178f40bae27f242&nonce=f43023951b2f2f0d0115f1358d755a33&redirect_uri=https%3A%2F%2Flocalhost%2Foauth2%2Fcallback&response_type=code

POST /token code=fdd5ff7ce2b14b42a5f1c2c063bb3b9a&client_id=471746&state=7c3ce94c606700d4fda65d9ae6dc806d&grant_type=authorization_code&redirect_uri=http%3A%2F%2Flocalhost%2Foauth2%2Fcallback&client_secret=06e53969f87da66e0a8c1f4d85346ba6efdb1927636c09d35d322e08

django-oidc-provider returns an empty {} id_token because is_authentication is False.

But, lua-resty-openidc expects a non-empty id_token with at minimum the issuer.

{"access_token": "ccd4b37ecd8745ab807017973089a08b", "token_type": "bearer", "expires_in": 3600, "refresh_token": "869fcc0c945b41e397dbd7c0bef2dcb0", "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjRkOGE1ODI0NWNjZWNjNGQxNjgyOGU1MGI3N2VkMzBmIn0.e30.0zSwT08G-0Lbx8u-qpMH5soRl5mJAuoOipAJeDKg5Mnn4d6PscIcCyaDZqR0H3gpE-ZD0ALjIPsWtdoxscb4hH4sgmXusyLudlzeEggBjIyHIa-H9oBzt6znLP4AJzv3XwecOTJ3hrNiwKbulFFH0PnSsH9WyKgHn3BwamZU3LE"}

Solution so far is just to patch is_authentication or True. Am I missing something by not requesting the right token earlier from lua-resty-openidc?

Issue Analytics

  • State:closed
  • Created 7 years ago
  • Comments:5 (2 by maintainers)

github_iconTop GitHub Comments

juanifiorencommented, Nov 9, 2016

scope is for for openid or oauth2 claims (openid, profile, email, address, etc). response_type is to define the flow. Values are:

  • code: Authorization Code Flow
  • id_token: id_token (Implicit Flow)
  • id_token token: id_token token (Implicit Flow)
  • code token: code token (Hybrid Flow)
  • code id_token: code id_token (Hybrid Flow)
  • code id_token token: code id_token token (Hybrid Flow)

So in your case your request should be:

dholthcommented, Nov 9, 2016

It works, in ‘code’ mode (set in both RP and OP), with the mentioned scope.

Read more comments on GitHub >

github_iconTop Results From Across the Web

lua-resty-openidc - GitHub
lua -resty-openidc is a library for NGINX implementing the OpenID Connect Relying Party (RP) and/or the OAuth 2.0 Resource Server (RS) functionality.
Read more >
How to get authentication working with ping federated #383
I have installed openresty on a ubuntu machine. My objective is to setup a reverse proxy that perform authentication for users agains ping ......
Read more >
zmartzone/lua-resty-openidc - GitHub
OpenID Connect Relying Party and OAuth 2.0 Resource Server implementation in Lua for NGINX / OpenResty - lua-resty-openidc/openidc.lua at master ...
Read more >
Question about reverse proxy · Issue #70 · zmartzone/lua-resty ...
I've defined Nginx as a reverse proxy for protected Apps, ... ...
Read more >
lua-resty-openidc/DISCLAIMER at master - GitHub
* Copyright (C) 2017-2022 ZmartZone Holding B.V.. * All rights reserved. *. * ZmartZone IAM. *
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found