By: Julien Bastin user 13 Mar 2020 at 5:05 a.m. CDT

10 Responses
Julien Bastin gravatar
Hello everyone, I have got a problem when I want to authenticate a user with OpenID Connect client. I have this log in /opt/gluu/jetty/oxauth/logs/oxauth.log My client is a CentOS server running with mod_auth_openid, and it's working well, because before I configured it with Azure AD as an OpenID Provider, but I removed it to use Gluu instead. ``` 2020-03-13 09:55:05,662 INFO [qtp1590550415-19] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:430) - Authentication success for User: 'xxxx' 2020-03-13 09:55:05,724 ERROR [qtp1590550415-13] [org.gluu.oxauth.model.crypto.OxAuthCryptoProvider] (OxAuthCryptoProvider.java:244) - Failed to find private key by kid: 440fa2f3-fba3-40e9-81be-1eec4ff5484c_sig_rs256, signatureAlgorithm: RS256(check whether web keys JSON in persistence corresponds to keystore file.) 2020-03-13 09:55:05,726 ERROR [qtp1590550415-13] [org.gluu.oxauth.model.common.AuthorizationGrant] (AuthorizationGrant.java:266) - Failed to find private key by kid: 440fa2f3-fba3-40e9-81be-1eec4ff5484c_sig_rs256, signatureAlgorithm: RS256(check whether web keys JSON in persistence corresponds to keystore file.) java.lang.RuntimeException: Failed to find private key by kid: 440fa2f3-fba3-40e9-81be-1eec4ff5484c_sig_rs256, signatureAlgorithm: RS256(check whether web keys JSON in persistence corresponds to keystore file.) ``` Thank you very much.

By Michael Schwartz staff 13 Mar 2020 at 8:36 a.m. CDT

Michael Schwartz gravatar
Maybe start from scratch. See the [docs](https://gluu.org/docs/ce/4.1/integration/sswebapps/openidc-rp/) I think there is also notes on the mod_auth_openidc site. Based on your short description, perhaps the client wasn't registered properly. Or perhaps the OP metadata is not updated.

By Julien Bastin user 13 Mar 2020 at 8:46 a.m. CDT

Julien Bastin gravatar
Thank you for your answer. I resolved my problem, but now when I want to connect to oxAuth with Azure AD (Via passport) it's not workign and I have these errors. https://ibb.co/bgD6Ngz

By Julien Bastin user 13 Mar 2020 at 8:48 a.m. CDT

Julien Bastin gravatar
And these errors in the script (passport_social) ``` Traceback (most recent call last): File "passport_social.py", line 99, in authenticate File "passport_social.py", line 469, in getUserProfile UnboundLocalError: local variable 'user_profile' referenced before assignment ```

By Aliaksandr Samuseu staff 13 Mar 2020 at 11:35 a.m. CDT

Aliaksandr Samuseu gravatar
Hi, Julien. In Passport's settings in web UI, please change logging level to "debug" and restart "passport" service. After that, retry the failing flow while recording network trace with browser's dev console, and export it as HAR file. You can use steps listed [here](https://www.inflectra.com/support/knowledgebase/kb254.aspx) - please use Firefox for that task, Chrome's HARs are flawed. Also don't forget to set "Persist log" and "Disable cache" checkboxes in the console to save everything, not just the recently loaded page. Share the HAR file with us, and also next logs: - `/opt/gluu/node/passport/server/logs/passport.log` - `/opt/gluu/jetty/oxauth/logs/oxauth.log` - `/opt/gluu/jetty/oxauth/logs/oxauth_script.log`

By Julien Bastin user 14 Mar 2020 at 2:57 p.m. CDT

Julien Bastin gravatar
Thank you. I will try this Monday at work.

By Julien Bastin user 16 Mar 2020 at 2:45 a.m. CDT

Julien Bastin gravatar
Hello, Here is the logs of the Gluu server. Thank you.

By Julien Bastin user 16 Mar 2020 at 2:50 a.m. CDT

Julien Bastin gravatar
oxauth.log

By Julien Bastin user 16 Mar 2020 at 2:50 a.m. CDT

Julien Bastin gravatar
oxauth_script.log

By Julien Bastin user 16 Mar 2020 at 2:51 a.m. CDT

Julien Bastin gravatar
passport.log

By Julien Bastin user 16 Mar 2020 at 5:15 a.m. CDT

Julien Bastin gravatar
Here is the errors in the script passport_social