[Web] Fix Generic-OIDC connection test

2025-12-13 09:56:01 +00:00 · 2025-02-07 15:05:43 +01:00
parent f0016eeecd
commit 55dcae4a01
2 changed files with 25 additions and 6 deletions
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -2337,12 +2337,7 @@ function identity_provider($_action = null, $_data = null, $_extra = null) {

      switch ($_data['authsource']) {
        case 'keycloak':
-        case 'generic-oidc':
-          if ($_data['authsource'] == 'keycloak') {
-            $url = "{$_data['server_url']}/realms/{$_data['realm']}/protocol/openid-connect/token";
-          } else {
-            $url = $_data['token_url'];
-          }
+          $url = "{$_data['server_url']}/realms/{$_data['realm']}/protocol/openid-connect/token";
          $req = http_build_query(array(
            'grant_type'    => 'client_credentials',
            'client_id'     => $_data['client_id'],
@@ -2355,6 +2350,29 @@ function identity_provider($_action = null, $_data = null, $_extra = null) {
          curl_setopt($curl, CURLOPT_POSTFIELDS, $req);
          curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
          curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
+          if ($_data['ignore_ssl_error'] == "1"){
+            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
+            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
+          }
+          $res = curl_exec($curl);
+          $code = curl_getinfo($curl, CURLINFO_HTTP_CODE);
+          curl_close ($curl);
+
+          if ($code != 200) {
+            return false;
+          }
+        break;
+        case 'generic-oidc':
+          $url = $_data['token_url'];
+          $curl = curl_init();
+          curl_setopt($curl, CURLOPT_URL, $url);
+          curl_setopt($curl, CURLOPT_TIMEOUT, 7);
+          curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
+          curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "OPTIONS");
+          if ($_data['ignore_ssl_error'] == "1"){
+            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
+            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
+          }
          $res = curl_exec($curl);
          $code = curl_getinfo($curl, CURLINFO_HTTP_CODE);
          curl_close ($curl);