My company has Azure AD, so I decided to use the XWiki OpenID Connect and authenticator for user authentication on our XWiki platform. After registering the XWiki application in the AD tenant, I could fill in the following configuration settings in the xwiki.properties file.
oidc.endpoint.authorization=https://login.microsoftonline.com/4b6f7aca-fc09-4a9f-b556-3ae27582c5b9/oauth2/authorize
oidc.endpoint.token=https://login.microsoftonline.com/4b6f7aca-fc09-4a9f-b556-3ae27582c5b9/oauth2/token
oidc.endpoint.userinfo=https://login.microsoftonline.com/4b6f7aca-fc09-4a9f-b556-3ae27582c5b9/openid/userinfo
oidc.clientid=09cbab91-c255-4ffa-b5fb-3cf11d9a9aa6
When I try to log in to the wiki, everything seems to work fine. I get redirected to a Microsoft login page with the URL below. (I have added line breaks and shortened some codes for readability.)
https://login.microsoftonline.com/4b6f7aca-fc09-4a9f-b556-3ae27582c5b9/oauth2/authorize?
response_type=code
&client_id=09cbab91-c255-4ffa-b5fb-3cf11d9a9aa6
&redirect_uri=http://wikiServer:8080/xwiki/oidc/authenticator/callback
&scope=openid+profile+email+address+phone
&state=d6P_FvG1N3-jJy_NEo1dE61rEuRx7PDx4EWfJzey5fM
&claims={"id_token":{"":null},"userinfo":{"":null}}
And after I enter my credentials, I get redirected to the redirect URI together with a code and state.
http://wikiserver:8080/xwiki/oidc/authenticator/callback?
code=vKzCcgohJS0etL2RSYBz2KNbz96rGyHlEQ24wAsQvQG0qY9Zpf-4LwRTYHiB3ped28AoJaHF9oFre0hqz5D0yUarMfwEqYvLnJkKBdmoEFamdYDMBPo5B0hPS_LMqEMhb6atwVeN9FtAEPK...
&state=d6P_FvG1N3-jJy_NEo1dE81rEuRx7PDx4EWfJzey8fM
&session_state=741bc48c-b46c-4c23-83f3-320dc76147c8
But here it stops and I am left with a blank page. If I understand OpenID correctly, the application should now be requesting a token at the token endpoint by passing the code and some other information. But nothing is happening.
I enabled debugging on the oidc extensions and was only able to get the following messages.
[http://wikiserver:8080/xwiki/oidc/authenticator/callback?
code=vKzCcgohJS0etL2RSYBz2KNbz96rGyHlEQ24wAsQvQG0qY9Zpf-4LwRTYHiB3ped28AoJaHF9oFre0hqz5D0yUarMfwEqYvLnJkKBdmoEFamdYDMBPo5B0hPS_LMqEMhb6atwVeN9FtAEPK...
&state=d6P_FvG1N3-jJy_NEo1dE81rEuRx7PDx4EWfJzey8fM
&session_state=741bc48c-b46c-4c23-83f3-320dc76147c8]
DEBUG i.OIDCResourceReferenceHandler - OIDC: Reference: [
type = [oidc],
parameters = [[code] =[[vKzCcgohJS0etL2RSYBz2KNbz96rGyHlEQ24wAsQvQG0qY9Zpf-4LwRTYHiB3ped28AoJaHF9oFre0hqz5D0yUarMfwEqYvLnJkKBdmoEFamdYDMBPo5B0hPS_LMqEMhb6atwVeN9FtAEPK...]], [state] = [[d6P_FvG1N3-jJy_NEo1dE81rEuRx7PDx4EWfJzey8fM]], [session_state] = [[741bc48c-b46c-4c23-83f3-320dc76147c8]]],
reference = [Wiki xwiki],
action = [],
locale = [<null>]
]
My guess is that nothing happens because no action is defined in the OIDCResourceReference. But it’s not clear to me what is going wrong. Could someone help me shed some light on this?
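The step the post expects after the callback, as an added example that is not part of the original post and is not XWiki's code: a client compares the callback's state with the one it sent, and only then builds the form body for the token endpoint. The function names are hypothetical, the authorization code is a constructed placeholder, and the state values are copied as printed in the post, where they differ between the request and the callback (the poster notes that some codes were shortened).

```python
import hmac
from urllib.parse import parse_qs, urlencode, urlsplit

# State values exactly as printed in the post; the code is a constructed placeholder.
AUTH_REQUEST = (
    "https://login.microsoftonline.com/4b6f7aca-fc09-4a9f-b556-3ae27582c5b9"
    "/oauth2/authorize?response_type=code"
    "&client_id=09cbab91-c255-4ffa-b5fb-3cf11d9a9aa6"
    "&redirect_uri=http://wikiServer:8080/xwiki/oidc/authenticator/callback"
    "&scope=openid+profile+email+address+phone"
    "&state=d6P_FvG1N3-jJy_NEo1dE61rEuRx7PDx4EWfJzey5fM"
)
CALLBACK = (
    "http://wikiserver:8080/xwiki/oidc/authenticator/callback"
    "?code=CONSTRUCTED-PLACEHOLDER-CODE"
    "&state=d6P_FvG1N3-jJy_NEo1dE81rEuRx7PDx4EWfJzey8fM"
    "&session_state=741bc48c-b46c-4c23-83f3-320dc76147c8"
)


class CallbackError(Exception):
    """The callback must not be exchanged for tokens."""


def query(url):
    """Return the query parameters of a URL as a flat dict (first value wins)."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}


def token_request_body(auth_request_url, callback_url):
    """Validate a callback and build the form body to POST to oidc.endpoint.token.

    auth_request_url stands in for what the client stored in the user's
    session when it started the flow (hypothetical helper, not XWiki's API).
    """
    sent, got = query(auth_request_url), query(callback_url)
    if "error" in got:  # the provider reported a failure instead of a code
        raise CallbackError("provider error: " + got["error"])
    if "code" not in got:
        raise CallbackError("no authorization code in callback")
    # The state ties the callback to this browser session (CSRF protection);
    # compare in constant time and refuse the exchange when it differs.
    if not hmac.compare_digest(sent["state"].encode(), got.get("state", "").encode()):
        raise CallbackError("state mismatch")
    return urlencode({
        "grant_type": "authorization_code",
        "code": got["code"],
        "redirect_uri": sent["redirect_uri"],  # must equal the value sent earlier
        "client_id": sent["client_id"],  # client authentication is omitted here
    })
```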