[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: oauth discoverability

OpenShift does not function as an OpenID Connect server.

It does serve a discovery document as described in https://tools.ietf.org/html/draft-ietf-oauth-discovery-06 at https://<api>/.well-known/oauth-authorization-server

The redirect URI must point to a URL hosted by your application, and configured as an allowed redirect in the OAuthClient object created for your client.

On Thu, May 11, 2017 at 5:55 AM, Mark Nuttall-Smith <marknuttallsmith gmail com> wrote:
Does the (or is there a plan to make the) OpenShift oauth server support discoverability? 


I'm trying to connect a C# client to my OpenShift API, using the IdentityModel.OidcClient2 library - which by default tries to discover the config for the oauth server. Since I couldn't make this work, I have been attempting to configure the client manually - also without success so far. 

      var options = new OidcClientOptions
          Authority = "",
          ClientId = "dotnet-client",
          ResponseMode = OidcClientOptions.AuthorizeResponseMode.Redirect,
          Flow = OidcClientOptions.AuthenticationFlow.AuthorizationCode,
          RedirectUri = "http://localhost/winforms.client",
          Browser = new WinFormsEmbeddedBrowser(),
          ProviderInformation = new ProviderInformation
              IssuerName = "",
              AuthorizeEndpoint = "",
              TokenEndpoint = "",
              KeySet = new JsonWebKeySet("{\"alg\":\"RS256\"}")

It appears the flow is working right up until the redirect to the client at http://localhost/winforms.client", which fails with a HTTP 502 Connection Failed error. Some other config below. If anyone is familiar with any of this stuff I'd be grateful for assistance :)


    "kind": "OAuthClient",
    "apiVersion": "v1",
    "metadata": {
        "name": "dotnet-client",
    "redirectURIs": [

    "identityProviders": [
        "name": "auth0",
        "kind": "OpenIDIdentityProvider",
        "clientID": "xxxx",
        "clientSecret": "xxxx",
        "login": true,
        "challenge": true,
        "mappingMethod": "claim",
        "provider": {
          "apiVersion": "v1",
          "claims": {
            "id": [
            "name": [
          "urls": {
            "token": "https://xxx.auth0.com/oauth/token",
            "authorize": "https://xxx.auth0.com/authorize",
            "userInfo": "https://xxx.auth0.com/userinfo"

users mailing list
users lists openshift redhat com

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]