Replies: 4 comments 5 replies
-
|
thanks for reporting: I believe this could only happen if |
Beta Was this translation helpful? Give feedback.
-
|
Correct: missing OIDCCryptoPassphrase is the culprit |
Beta Was this translation helpful? Give feedback.
-
|
I'm still interested in your config as the config checks at startup should have caught this (so they need a fix at least) |
Beta Was this translation helpful? Give feedback.
-
|
Difficult as it encompasses a lot of macros, but I think any working config should generate the problem if you remove the OIDCCryptoPassphrase directive |
Beta Was this translation helpful? Give feedback.
-
|
no, that's what the checks are for... |
Beta Was this translation helpful? Give feedback.
-
|
what AuthType and cache options have you set? |
Beta Was this translation helpful? Give feedback.
-
|
also, a full server debug log of the calling stack would be helpful to determine in what setting this happens |
Beta Was this translation helpful? Give feedback.
-
|
I'll try to prepare that, but I probably won't be able to do it before 2 weeks. |
Beta Was this translation helpful? Give feedback.
-
|
thanks for your help |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
I got a null pointer exception and I found the cause.
On line 135 of util.c, we have the line
In case secret is null (I guess it happens when OIDCClientSecret is not set), oidc_util_create_symmetric_key() returns TRUE but jwk is still null. Afew lines later, we call oidc_jwt_sign() where that generates an exception (jwk->cjose_jwk).
A check for nullity should definitely be added, but I'm not sure if the best place is oidc_util_jwt_create() or in a calling function. Any idea?
In case of doubt, we could begin to place it here until we find a better solution ;-)
Beta Was this translation helpful? Give feedback.
All reactions