Bug 2018181

Summary: OIDCMetadataDir not working in 2.4.9
Product: [Fedora] Fedora Reporter: Brandon <brandonk98>
Component: mod_auth_openidcAssignee: Tomas Halman <thalman>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 34CC: aboscatt, jhrozek, puiterwijk, thalman, xjia
Target Milestone: ---Keywords: Triaged
Target Release: ---   
Hardware: All   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-04-26 12:41:27 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 499109, 2001647    
Bug Blocks:    

Description Brandon 2021-10-28 13:17:36 UTC 
Description of problem:
  The OIDCMetadataDir directive does not result in a redirect for authentication when Require Claim iss: is used.

Version-Release number of selected component (if applicable):
 2.4.9-1

How reproducible:
 Get OIDCMetaDataDir working with 2.4.8.  Upgrade to 2.4.9

Steps to Reproduce:
 As above
Actual results:
 Redirect to IDP login does not occur and 401 is only possible response.

Expected results:
 Redirect to IDP occurs as normal.

Additional info:
 component owner confirm this issue in 2.4.9.  2.4.9.4 addresses this problem, but has not been built as RPM yet.

Reference discussion:
https://github.com/zmartzone/mod_auth_openidc/discussions/690
Comment 1 Brandon 2021-12-07 17:47:46 UTC 
Version upgrade being tracked under BugĀ 2001647
Comment 2 Tomas Halman 2022-04-26 12:41:27 UTC 
Fedora 34 EOL is comming soon. Required fix is present in f35+, please upgrade your Fedora.