I tried to import the basic IDP config for a custom "OpenID Connect v1.0"
provider from the published Google autoconf URL:
https://accounts.google.com/.well-known/openid-configuration
The URLs are picked up fine but there seem to be two issues:
1.) the "Issuer" is imported as "https://accounts.google.com" when it
should be "accounts.google.com"
2.) the public validation keys are not imported correctly. They always
produce
12:09:40,416 ERROR [org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider] (default task-17) Failed to make identity provider oauth callback: org.keycloak.broker.provider.IdentityBrokerException: token signature validation failed
    at org.keycloak.broker.oidc.OIDCIdentityProvider.validateToken(OIDCIdentityProvider.java:286)
when authentication is being performed.
Are these bugs or is the published discovery document from Google not
standard compliant?
Thanks
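
Added example, not part of the original post and not Keycloak code: an offline triage of the two symptoms described above, comparing an ID token's "iss" claim with the discovery document's "issuer" and checking that the token's "kid" exists in the imported key set. The function names, the key ids and the token are constructed for illustration; the token is decoded without any signature verification.

```python
import base64
import json


def b64url_decode(segment):
    """Decode a base64url JWT segment, restoring the stripped padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_json(obj):
    """Encode a dict as an unpadded base64url segment (used for sample data)."""
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def triage_id_token(id_token, discovery, jwks):
    """List mismatches between an ID token and the imported provider metadata."""
    # Header and claims are read WITHOUT verifying the signature: diagnosis only.
    parts = id_token.split(".")
    if len(parts) != 3:
        return ["not a compact JWS: expected 3 dot-separated segments"]
    header = json.loads(b64url_decode(parts[0]))
    claims = json.loads(b64url_decode(parts[1]))
    findings = []
    # Issuer comparison is an exact string match, so the scheme prefix matters.
    if claims.get("iss") != discovery.get("issuer"):
        findings.append("iss %r != discovery issuer %r" % (claims.get("iss"), discovery.get("issuer")))
    # The verification key is selected by 'kid'; a stale or partial import shows here.
    keys = {k.get("kid"): k for k in jwks.get("keys", [])}
    key = keys.get(header.get("kid"))
    if key is None:
        findings.append("kid %r not in JWKS %r" % (header.get("kid"), sorted(map(str, keys))))
    elif key.get("alg", header.get("alg")) != header.get("alg"):
        findings.append("alg %r != key alg %r" % (header.get("alg"), key.get("alg")))
    return findings


# Constructed sample data (not real Google keys or tokens).
DISCOVERY = {"issuer": "https://accounts.google.com"}
JWKS = {"keys": [{"kid": "key-2", "kty": "RSA", "alg": "RS256"}]}
TOKEN = ".".join([
    b64url_json({"alg": "RS256", "kid": "key-1"}),
    b64url_json({"iss": "accounts.google.com", "aud": "client-id", "sub": "123"}),
    "c2lnbmF0dXJl",  # placeholder, not a real signature
])

if __name__ == "__main__":
    print("\n".join(triage_id_token(TOKEN, DISCOVERY, JWKS)))
```

An empty result means issuer and key selection line up, so a remaining "token signature validation failed" points at the key material itself rather than at the metadata.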