Expected behaviour
Tell us what should happen
Login should work via azure AD integration
Actual behaviour
Tell us what happens instead
Authentication side is working but during authorization we get error.
Error in openidconnect: unable to verify jwt claims
Server configuration
Operating system:
Red Hat Enterprise Linux release 8.7 (Ootpa)
Web server:
Server version: Apache/2.4.37 (Red Hat Enterprise Linux)
Server built: Mar 28 2023 09:01:53
Database:
mysql
PHP version:
PHP 7.4.30 (cli) (built: Jun 7 2022 08:38:19) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
with Zend OPcache v7.4.30, Copyright (c), by Zend Technologies
ownCloud version: (see ownCloud admin page)
[ownCloud ]10.11.0 (stable)
Updated from an older ownCloud or fresh install:
fresh
Where did you install ownCloud from:
owncloud website
No errors have been found.
or
If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your ownCloud installation folder
ATTENTION: Do not post your config.php file in public as is. Please use one of the above
methods whenever possible. Both, the generated reports from the web-ui and from occ config:list
consistently remove sensitive data. You still may want to review the report before sending.
If done manually then it is critical for your own privacy to dilligently
remove all host names, passwords, usernames, salts and other credentials before posting.
You should assume that attackers find such information and will use them against your systems.
**List of activated apps:**
{“reqId”:“ZXmciO1F@BujIY9cQVgG3gAAAMI”,“level”:3,“time”:“2023-12-13T11:59:04+00:00”,“remoteAddr”:“164.37.18.34”,“user”:“–”,“app”:“OpenID”,“method”:“GET”,“url”:“/index.php/apps/openidconnect/redirect?code=0.AXMAeGgcFhntfEm8JXh4ckYesxUeuVMLxyhEv3iA9Hl7t_MQAQA.AgABAAIAAAAmoFfGtYxvRrNriQdPKIZ-AgDs_wUA9P8U6Lui7Y7GKUXt55OQqyWlgES9h6twKZGsmhaMSLNyC2nzen085jr_xVr1elobWQJ1e5CRGer0pBpDN_TNAopUkGIfGmFZWeFtwNhQ0QZ6CaF0g5CPMIfspUkWrJ65UYZT8RWJwyXV-2CK5y0Yzh1nG6veiT68YNPQCIiRUn28ojLsmqev1xsRN5nxhx29mRIl8Bke_A_ssrY0iGv5BhE5YwWelMsW4HTJx1G6Dxh6xolwDc58JI1-zNEPjF3OyA58btJ0NxfjyqN3fCtvLzId6L9sLFFcCAdfuDHrlJK9wCosTfoWsKPxwFprWuqKPiG7zfpFGE7pu6L8z_RjsfjeBAxYnMwDXyHNLRWJFtbPnHhXONrtsWEEsgjS407ljo6lNGwykkPdquRshznL7bTRQoAiQM8Iv2LofQk5-BXOdbLv8xzf0cNWw0S5-6Vq3WqyA52ASOob7ljCyP5gv79ILXTufV9Mzqm4auWFwLAvi8OSesBsltd1e8ABNRoqtZNdVOuMPuxow-37hkceARglq3kvBZdcV8-RiDL1oSezVNOUT3psZadGB-eOCmSL4nWUAtRPau7VA6Dg6wKt8OjP37oY61XW5fTNxA6FtY_w40J2SFGjk2eNwxmYNRkwcg3gqr8gj6jSEYw2GHl7GH-nv1M1E3MIvS0FSA7id0wxLBMxCF2nCpYp8O4cXdA2n3RMxOsKDgKjauCYQhy8pMdcAORdGnKJ5zfYXmrmRme2tBJMtN65iSyTJGZFE8YWvFHhC9kmoH4SdIlX1QT86gH8KatLxe0cJY55n217CYmf_6u93WnfEUIm_-n3ITHkyMr_zsb9RaWPn1X8HVU&state=9d49544e4670eecad7f892b3e210fe4c&session_state=af77da0d-1a26-4850-8a65-d00794fcea73”,“message”:“Exception: {"Exception":"Jumbojett\\OpenIDConnectClientException","Message":"Unable to verify JWT claims","Code":0,"Trace":"#0 \/var\/www\/owncloud\/apps-external\/openidconnect\/lib\/Client.php(399): Jumbojett\\OpenIDConnectClient->authenticate()\n#1 \/var\/www\/owncloud\/apps-external\/openidconnect\/lib\/Controller\/LoginFlowController.php(134): OCA\\OpenIdConnect\\Client->authenticate()\n#2 \/var\/www\/owncloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php(170): OCA\\OpenIdConnect\\Controller\\LoginFlowController->login(*** sensitive parameters replaced ***)\n#3 \/var\/www\/owncloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php(89): OC\\AppFramework\\Http\\Dispatcher->executeController()\n#4 \/var\/www\/owncloud\/lib\/private\/AppFramework\/App.php(100): OC\\AppFramework\\Http\\Dispatcher->dispatch()\n#5 \/var\/www\/owncloud\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php(47): OC\\AppFramework\\App::main()\n#6 \/var\/www\/owncloud\/lib\/private\/Route\/Router.php(344): OC\\AppFramework\\Routing\\RouteActionHandler->__invoke()\n#7 \/var\/www\/owncloud\/lib\/base.php(914): OC\\Route\\Router->match()\n#8 \/var\/www\/owncloud\/index.php(54): OC::handleRequest()\n#9 {main}","File":"\/var\/www\/owncloud\/apps-external\/openidconnect\/vendor\/jumbojett\/openid-connect-php\/src\/OpenIDConnectClient.php","Line":388}”}