Dear experts,
we are integrating an application, Moodle, that apparently has an
openIdConnect plugin that is already working with Azure (we tested already).
Changing the IDP from Azure to Keycloak, we get the following error:
"Error in OpenID Connect: Code not valid"
line 54 of /auth/oidc/classes/utils.php: moodle_exception thrown
line 252 of /auth/oidc/classes/oidcclient.php: call to auth_oidc\utils::process_json_response()
line 197 of /auth/oidc/classes/loginflow/authcode.php: call to auth_oidc\oidcclient->tokenrequest()
line 85 of /auth/oidc/classes/loginflow/authcode.php: call to auth_oidc\loginflow\authcode->handleauthresponse()
line 105 of /auth/oidc/auth.php: call to auth_oidc\loginflow\authcode->handleredirect()
line 29 of /auth/oidc/index.php: call to auth_plugin_oidc->handleredirect()
Where the Code has the following format:
"hZvVPC6iqBAZk9sXNbGGFa4hyHSdfLvsQ8adtGXS1dI8789b5e7-2d4f-4336-9896-981621969138"
We opened the .well-known and we have:
"token_endpoint_auth_methods_supported": "private_key_jwt",
"client_secret_basic", "client_secret_post".
Checking online
https://github.com/Microsoft/o365-moodle/issues/200
we found the identical stack trace, and that the other person resolved
the issue by changing the Token Authentication Method to
client_secret_post, but from the .well-known we saw that it's already
among the accepted auth methods for our Keycloak.
Do you have any advice?
Thanks
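
For reference, an added example (not part of the original message, and not code from the Moodle plugin or Keycloak): how the same authorization-code token request differs on the wire between client_secret_basic and client_secret_post, the two methods discussed above. The endpoint URL, client id, secret and the helper name build_token_request are assumptions, and the discovery values are written here as a JSON array.

```python
import base64
from urllib.parse import quote_plus, urlencode

# Constructed sample discovery document; the endpoint is a placeholder,
# the three method names are the ones quoted in the message above.
DISCOVERY = {
    "token_endpoint": "https://idp.example/token",
    "token_endpoint_auth_methods_supported": [
        "private_key_jwt", "client_secret_basic", "client_secret_post"],
}


def build_token_request(discovery, method, client_id, client_secret,
                        code, redirect_uri):
    """Return (url, headers, body) for an authorization-code token request."""
    # OIDC Discovery: if the field is omitted, the default is client_secret_basic.
    supported = discovery.get("token_endpoint_auth_methods_supported",
                              ["client_secret_basic"])
    if method not in supported:
        raise ValueError(f"{method} not advertised by the IdP: {supported}")
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    form = {"grant_type": "authorization_code", "code": code,
            "redirect_uri": redirect_uri}
    if method == "client_secret_post":
        # Credentials travel in the form body next to the code.
        form["client_id"] = client_id
        form["client_secret"] = client_secret
    elif method == "client_secret_basic":
        # RFC 6749 section 2.3.1: form-urlencode id and secret first,
        # then base64-encode "id:secret" into the Authorization header.
        pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
        headers["Authorization"] = "Basic " + base64.b64encode(pair.encode()).decode()
    else:
        raise NotImplementedError(f"{method} is not covered by this example")
    return discovery["token_endpoint"], headers, urlencode(form)


if __name__ == "__main__":
    for m in ("client_secret_basic", "client_secret_post"):
        url, hdrs, body = build_token_request(
            DISCOVERY, m, "moodle", "s3cr3t+/=", "CODE_PLACEHOLDER",
            "https://moodle.example/auth/oidc/")
        print(m, url, hdrs, body, sep="\n  ")
```

Comparing this output with the request the client actually sends (for example in a proxy or server access log) shows which method is in use and whether the secret survives encoding unchanged.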