Desktop client login redirects to different urls on different machines

Server
, ,
1

Hello,
I’m sorry I know this is a really vague question but I really don’t know what to do.

I got an owncloud and a keycloak instance running in docker behind a nginx reverse proxy. On the docker host machine I can connect with the owncloud instance using the desktop client. After providing the Server URL I click “Open Browser” and I’m redirected to:

https://login.[Domain].cc/realms/[Realm]/protocol/openid-connect/auth?response_type=code&client_id=xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69&redirect_uri=http://127.0.0.1:50888&code_challenge=WRS5VWYYdoRt6YVH2Xun8UJQuXTS1Gumm5GDI58CqjI&code_challenge_method=S256&scope=openid%20offline_access%20email%20profile&prompt=select_account%20consent&state=lkRLZ_TWHCdzhY7v3wBTDtN79QZmZcJe6uMfRrDbXH0%3D

login.[Domain].cc being the keycloak url.
Now I log in using my keycloak credentials. “You are all set!” No problem.

If I try the same thing on another machine I’m initially redirected to:

https://cloud.[Domain].cc/index.php/apps/oauth2/authorize?response_type=code&client_id=xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69&redirect_uri=http://localhost:28690&code_challenge=uoKWSGIJu2lNV_J02uAdgFiAN0NE0LtVqbTIRkW_Nzk&code_challenge_method=S256&scope=openid%20offline_access%20email%20profile&prompt=select_account%20consent&state=tdzcLTlNqHZFXw0CvlfvDhP-4cbHagjEfrTSOPhaab4%3D

and then to https://cloud.[Domain].cc/login
and greeted with the owncloud login. If I provide my credentials here I’m logged in in the browser but the desktop client is not.

I’m running owncloud server 10.12.2.

open-idconnect part of my owncloud config.php:

'openid-connect' => 
  array (
    'provider-url' => 'https://login.[Domain].cc/realms/[Realm]',
    'client-id' => 'owncloud',
    'client-secret' => 'XmSRcb8KW69RtVa5Xaz4ev3ZbbQlUS00',
    'loginButtonName' => 'Login',
    'post_logout_redirect_uri' => 'https://cloud.[Domain].cc',
    'search-attribute' => 'preferred_username',
    'mode' => 'userid',
    'provider-params' => 
    array (
      'authorization_endpoint' => 'https://login.[Domain].cc/realms/[Realm]/protocol/openid-connect/auth',
      'token_endpoint' => 'https://login.[Domain].cc/realms/[Realm]/protocol/openid-connect/token',
      'introspection_endpoint' => 'https://login.[Domain].cc/realms/[Realm]/protocol/openid-connect/token/introspect',
      'token_endpoint_auth_methods_supported' => '[
        "private_key_jwt",
        "client_secret_basic",
        "client_secret_post",
        "tls_client_auth",
        "client_secret_jwt"
      ]',
      'userinfo_endpoint' => 'https://login.[Domain].cc/realms/[Realm]/protocol/openid-connect/userinfo',
      'registration_endpoint' => 'https://login.[Domain].cc/realms/[Realm]/clients-registrations/openid-connect',
      'end_session_endpoint' => 'https://login.[Domain].cc/realms/[Realm]/protocol/openid-connect/logout?client_id=owncloud',
      'jwks_uri' => 'https://login.[Domain].cc/realms/[Realm]/protocol/openid-connect/certs',
    ),
    'auto-provision' => 
    array (
      'enabled' => true,
      'email-claim' => 'email',
      'display-name-claim' => 'given_name',
      'picture-claim' => 'picture',
      'groups' => 
      array (
        0 => 'everyone',
      ),
    ),
  ),
2

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.