How to disable https for oidcc/ueberauth

Currently I’m trying to implement ueberauth_oidcc, where I am using a local Keycloak server as the identity provider.

Since I’m developing locally I use http, but I get this error when starting my app:

Error Details: {:configuration_load_failed, {:invalid_config_property, {:uri_https, :userinfo_endpoint}}}

The error is quite clear, I need to use https. But I can’t for the life of me figure out how to disable this check locally when I’m developing. I followed this tutorial: UeberauthOidcc — Ueberauth OIDCC v0.4.2

Hope someone can help me.

This is my dev.exs

config :ueberauth_oidcc, :issuers, [
  %{
    name: :oidcc_issuer,
    issuer: "http://localhost:8080/realms/my-realm"
  }
]

config :ueberauth, Ueberauth,
  providers: [
    oidc: {
      Ueberauth.Strategy.Oidcc,
      # Additional HTTP tolerance
      issuer: :oidcc_issuer,
      client_id: "my-realm-phoenix",
      client_secret: "my-secret",
      scopes: ["openid", "profile", "email"],
      callback_path: "/auth/callback",
      userinfo: false,
      validate_scopes: false,
      uid_field: "email"
    }
  ]

oidcc has an option for providers: oidcc_provider_configuration — Oidcc v3.5.2

Not sure how you’d pass that when using the ueberauth strategy though.

1 Like

That is also where I ended up… Haven’t figured it out yet.

Why not go the other way and use a self signed cert with local development? Is that an option?

mix phx.gen.secret

config :ueberauth_oidcc, :issuers, [
  %{
    name: :oidcc_issuer,
    issuer: "http://localhost:8080/realms/my-realm",
    provider_configuration_opts: %{
      quirks: %{allow_unsafe_http: true}
    }
  }
]

This should work based on the typespecs on Oidcc.ProviderConfiguration.Worker — Oidcc v3.5.2, which is what the library uses: lib/ueberauth_oidcc/application.ex · main · Paul Swartz / ueberauth_oidcc · GitLab

2 Likes

Thank you so much!
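One way to keep the `allow_unsafe_http` quirk from the answer above confined to local development. This is an added example, not part of the original thread or of the ueberauth_oidcc project. It assumes the issuer is configured in `config/runtime.exs` and read from an environment variable named `OIDC_ISSUER` (a hypothetical name), and that an empty `provider_configuration_opts` map leaves oidcc's default HTTPS checks in place.

```elixir
# config/runtime.exs
# Added example: OIDC_ISSUER is an assumed variable name, not from the thread.
import Config

issuer = System.get_env("OIDC_ISSUER", "http://localhost:8080/realms/my-realm")
uri = URI.parse(issuer)

# Plain HTTP to the identity provider is tolerated only on loopback hosts.
loopback? = uri.host in ["localhost", "127.0.0.1"]

provider_configuration_opts =
  case {uri.scheme, config_env(), loopback?} do
    {"https", _env, _loopback} ->
      # HTTPS issuer: pass no quirks, so the uri_https validation stays active.
      %{}

    {"http", env, true} when env in [:dev, :test] ->
      # Same quirk as in the answer above, limited to a local dev/test IdP.
      %{quirks: %{allow_unsafe_http: true}}

    {scheme, env, _loopback} ->
      # Anything else (http in prod, http to a remote host, unknown scheme)
      # stops the boot instead of silently relaxing the check.
      raise "refusing OIDC issuer #{issuer} (scheme #{inspect(scheme)}) in #{env}: " <>
              "plain HTTP is only allowed for a loopback issuer in dev/test"
  end

config :ueberauth_oidcc, :issuers, [
  %{
    name: :oidcc_issuer,
    issuer: issuer,
    provider_configuration_opts: provider_configuration_opts
  }
]
```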