oxd server error

By: jithin thankachan user 02 Apr 2016 at 7:02 a.m. CDT

4 Responses
jithin thankachan gravatar
I tried using oxd server for enabling openidconnect in wordpress.But it shows me the following error Failed to register client for site. Details:{"error":"invalid_redirect_uri","error_description":"Value of one or more redirect_uris is invalid."} and the request parameters are shown as Command: {"command":"register_site","params":{"authorization_redirect_uri":"https://localhost:8888/blog/wp-login.php?option=oxdOpenId","post_logout_redirect_uri":"https://localhost:8888/blog/index.php?option=allLogout","application_type":"web","redirect_uris":["https://localhost:8888/blog/wp-login.php?option=oxdOpenId"],"acr_values":[],"scope":["openid","profile","email","address","clientinfo","mobile_phone","phone"],"client_jwks_uri":null,"client_token_endpoint_auth_method":null,"client_request_uris":null,"contacts":["abc@gmail.com"],"grant_types":["authorization_code"],"response_types":["code"],"client_logout_uri":"https://localhost:8888/blog/index.php?option=allLogout"}} looks fine to me..can anyone tell what is the problem
None
closed

Answers

By Aliaksandr Samuseu staff 02 Apr 2016 at 2:37 p.m. CDT

Copy
Aliaksandr Samuseu gravatar
Have you tried to use some other hostname instead of "localhost" in redirection uris? Like, any random hostname similar to real dns name ("my.host.loc")? You can map it to your ip address in `/etc/hosts` file. Just guessing, not sure it will help.

By Aliaksandr Samuseu staff 02 Apr 2016 at 3:11 p.m. CDT

Copy
Aliaksandr Samuseu gravatar
Also note this requirement of [oAuth 2.0](https://tools.ietf.org/html/rfc6749#section-3.1.2): >The endpoint URI MAY include an "application/x-www-form-urlencoded" formatted (per Appendix B) query component ([RFC3986] Section 3.4), which MUST be retained when adding additional query parameters. The endpoint URI MUST NOT include a fragment component. >To address this shortcoming when generating payloads using this media type, names and values MUST be encoded using the UTF-8 character encoding scheme [RFC3629] first; the resulting octet sequence then needs to be further encoded using the escaping rules defined in [W3C.REC-html401-19991224].

By Yuriy Zabrovarnyy staff 02 Apr 2016 at 4:27 p.m. CDT

Copy
Yuriy Zabrovarnyy gravatar
Please check your application_type. For application_type=web it is not allowed to register localhost redirect_uri, for application_type=native it is allowed to register only localhost or URI with custom schema (myschema://host). Please also check you ssl configuration to make sure 8888 is really https port (and not plain connection port) because next you will probably get "Peer not authenticated" exception. It's critical to get your ssl configured correctly.

By Aliaksandr Samuseu staff 04 Apr 2016 at 12:57 p.m. CDT

Copy
Aliaksandr Samuseu gravatar
Hi, Jithin. Was that helpful? Do you still need this ticket open?

Post an answer