I am trying to implement Jumbojett OpenID authentication on my Linux CentOS 9 server. This is my login controller (welcome.php) code:
    public function login_sso()
    {
        if (!$this->session->userdata('USERNIP')) {
            $oidc = new OpenIDConnectClient(
                $this->config->item('SSO_PROVIDER_URL'),
                $this->config->item('SSO_CLIENT_ID'),
                $this->config->item('SSO_CLIENT_SECRET')
            );
            $isAuthenticate = $oidc->authenticate();
            if ($isAuthenticate) {
                $user = $this->M_welcome->get_login_complete_sso($oidc->requestUserInfo('preferred_username'));
                [$akses, $akses_lengkap, $role_id] = $this->M_welcome->get_user_access($user[0]->PEGAWAIID, $oidc->requestUserInfo('preferred_username'), $user[0]->JENISPEGAWAIID);
                $data_session = array(
                    'USERLOGIN' => $oidc->requestUserInfo('email'),
                    'SSO_ID_TOKEN' => $oidc->getIdToken()
                );
                $this->session->set_userdata($data_session);
                redirect('user/profil/');
            }
        }
    }
This is my .htaccess code:
    <IfModule mod_rewrite.c>
        RewriteEngine On
        RewriteCond %{REQUEST_FILENAME} !-f
        RewriteCond %{REQUEST_FILENAME} !-d
        RewriteRule ^(.*)$ index.php/$1 [L]
    </IfModule>
    <IfModule !mod_rewrite.c>
        # If we don't have mod_rewrite installed, all 404's
        # can be sent to index.php, and everything works as normal.
        # Submitted by: ElliotHaughin
        ErrorDocument 404 /index.php
    </IfModule>
And this is my base_url (I censored it to mysite.go.id) in config.php:
    $config['base_url'] = 'https://mysite.go.id/';
When I open my web application in the browser, it goes smoothly until I use my user credentials to log in (username & password), and then it redirects to a page that says:
    This site can’t provide a secure connection
    mysite.go.id sent an invalid response.
    ERR_SSL_PROTOCOL_ERROR
The URL of that page seems to point at https://mysite.go.id:80/welcome/login_sso?state=6ea6c4c6f8538538621ed21fffa8e78c&session_state=1a223a56-9dba-447e-b6ed-9d79486420c9&code=18a981c1-d5a7-4ce2-8db7-4181244e4194.1a223a56-9dba-447e-b6ed-9d79486420c9.33e0c97f-f14d-4955-b0f1-863256cacd03
I don't set the redirection port to 80, but it looks like it redirects to port 80, when the default port for SSL should be 443. I suspect this is the problem, though I don't know how to fix it. Prior to using OpenID authentication (normal login with a local DB) it worked smoothly and I got no related SSL error. But when I use OpenID authentication I keep getting this error. Please help me, what is wrong?
Apparently it's a bug in the OpenID library itself, based on this reference, specifically in OpenIDConnectClient.php, where the $_SERVER['SERVER_PORT'] value will automatically add port 80 to the redirect if it's not converted to an integer.
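
The port handling described above, as an added example that is not part of the original post and not the library's own source. `build_redirect_url()` and the sample `$_SERVER` values are constructed for illustration, and the code assumes PHP sees port 80 while the scheme is detected as https (for example behind a TLS-terminating proxy).

```php
<?php
// Added illustration; build_redirect_url() is a hypothetical helper,
// not code from OpenIDConnectClient.php.

function build_redirect_url(array $server, bool $castPort): string
{
    // Assumption: scheme is taken from the proxy header or the HTTPS flag.
    $https = ($server['HTTP_X_FORWARDED_PROTO'] ?? '') === 'https'
        || !in_array($server['HTTPS'] ?? 'off', ['', 'off'], true);

    // $_SERVER values are strings: SERVER_PORT arrives as "80", not 80.
    $port = $server['SERVER_PORT'] ?? ($https ? 443 : 80);
    if ($castPort) {
        $port = (int) $port;
    }

    // Strict comparison: "80" === 80 is false, so an uncast default port
    // is treated as non-default and appended to the URL.
    $suffix = ($port === 80 || $port === 443) ? '' : ':' . $port;

    $path = strtok($server['REQUEST_URI'], '?');
    return ($https ? 'https' : 'http') . '://' . $server['HTTP_HOST'] . $suffix . $path;
}

// Constructed request: PHP sees port 80 while the scheme is detected as https
// (assumed here to come from a TLS-terminating proxy in front of Apache).
$server = [
    'HTTP_HOST'              => 'mysite.go.id',
    'SERVER_PORT'            => '80',
    'HTTP_X_FORWARDED_PROTO' => 'https',
    'REQUEST_URI'            => '/welcome/login_sso?state=constructed',
];

echo 'uncast: ', build_redirect_url($server, false), PHP_EOL;
echo 'cast:   ', build_redirect_url($server, true), PHP_EOL;

// In the controller, pinning the callback avoids deriving it from $_SERVER:
// $oidc->setRedirectURL(site_url('welcome/login_sso'));
```

A pinned callback URL has to match the redirect URI registered for the client at the provider exactly, including scheme and port.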