skip to Main Content

I am trying to implement Jumbojett OpenID Authentication in my Linux Centos 9 Server. This is my login controller (welcome.php) code:

public function login_sso()
{
if (!$this->session->userdata('USERNIP')) {
            $oidc = new OpenIDConnectClient(
                $this->config->item('SSO_PROVIDER_URL'),
                $this->config->item('SSO_CLIENT_ID'),
                $this->config->item('SSO_CLIENT_SECRET')
            );
            $isAuthenticate = $oidc->authenticate();
            if ($isAuthenticate) {
                $user = $this->M_welcome->get_login_complete_sso($oidc->requestUserInfo('preferred_username'));
                [$akses, $akses_lengkap, $role_id] = $this->M_welcome->get_user_access($user[0]->PEGAWAIID,  $oidc->requestUserInfo('preferred_username'), $user[0]->JENISPEGAWAIID);
                $data_session = array(
                    'USERLOGIN' => $oidc->requestUserInfo('email'),
                    'SSO_ID_TOKEN' => $oidc->getIdToken()
                );

                $this->session->set_userdata($data_session);

                redirect('user/profil/');
            }
        }
}

This is my htaccess code :

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
</IfModule>

<IfModule !mod_rewrite.c>
    # If we don't have mod_rewrite installed, all 404's
    # can be sent to index.php, and everything works as normal.
    # Submitted by: ElliotHaughin

    ErrorDocument 404 /index.php
</IfModule>

And this is my base_url (censored it to mysite.go.id) in config.php :

$config['base_url'] = 'https://mysite.go.id/';

when i open my web application in the browser, it goes smoothly until i use my user credentials to login (username & password) and it redirects to a page that says :

This site can’t provide a secure connection mysite.go.id sent an invalid response.
ERR_SSL_PROTOCOL_ERROR

The URL of that page seems to point at https://mysite.go.id:80/welcome/login_sso?state=6ea6c4c6f8538538621ed21fffa8e78c&session_state=1a223a56-9dba-447e-b6ed-9d79486420c9&code=18a981c1-d5a7-4ce2-8db7-4181244e4194.1a223a56-9dba-447e-b6ed-9d79486420c9.33e0c97f-f14d-4955-b0f1-863256cacd03 , i dont set the redirection port to 80 but it looks like it redirect to port 80 when the default port for ssl should be 443. I suspect this is the problem though i dont know how to fix this. Prior to using OpenID authentication (normal login with local db) it works smoothly, i got no related SSL error. But when i use OpenID authentication i keep getting this error, please help me what is wrong?

2

Answers


  1. public function login_sso()
    {
        if (!$this->session->userdata('USERNIP')) {
            $oidc = new OpenIDConnectClient(
                $this->config->item('SSO_PROVIDER_URL'),
                $this->config->item('SSO_CLIENT_ID'),
                $this->config->item('SSO_CLIENT_SECRET')
            );
            $isAuthenticate = $oidc->authenticate();
            if ($isAuthenticate) {
                $user = $this->M_welcome->get_login_complete_sso($oidc->requestUserInfo('preferred_username'));
                [$akses, $akses_lengkap, $role_id] = $this->M_welcome->get_user_access($user[0]->PEGAWAIID, $oidc->requestUserInfo('preferred_username'), $user[0]->JENISPEGAWAIID);
                $data_session = array(
                    'USERLOGIN' => $oidc->requestUserInfo('email'),
                    'SSO_ID_TOKEN' => $oidc->getIdToken()
                );
    
                $this->session->set_userdata($data_session);
    
                redirect('user/profil/');
            }
        }
    }
    
    Login or Signup to reply.
  2. Don`t use CentOS in 2024

    The CentOS Project will discontinue updates and releases of CentOS Linux between 2021 and 2024. As a result, CentOS Linux users must migrate to a new operating system to continue receiving updates, patches, and new features. This presents an opportunity to reassess your organization’s needs and migrate to a platform that will support your business now and in the future.

    CentOS Stream is a continuously delivered distribution that lets open source community members contribute to Red Hat® Enterprise Linux in tandem with Red Hat developers. CentOS Stream may seem like a natural choice to replace CentOS Linux, but it is not designed for production use. It is intended as a development platform for Red Hat partners and others that want to participate and collaborate in the Red Hat Enterprise Linux ecosystem. Consequently, running CentOS Stream in production environments presents many challenges compared to enterprise-ready distributions like Red Hat Enterprise Linux.

    More information

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search