Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

oidc_subject null #185

Closed
brunopenso opened this issue Dec 4, 2019 · 2 comments
Closed

oidc_subject null #185

brunopenso opened this issue Dec 4, 2019 · 2 comments

Comments

@brunopenso
Copy link
Contributor

Hi guys,

I'm trying to configure my mediawiki docker image to run with our OpenIdConnect server and I'm getting the error below. Can anyone help?

[8e83b5ad531a9b2e63de4d90] /index.php?title=Special:UserLogin&returnto=Main+Page Wikimedia\Rdbms\DBQueryError from line 1587 of /var/www/html/includes/libs/rdbms/database/Database.php: A database query error has occurred. Did you forget to run your application's database schema updater after upgrading? Query: INSERT INTO openid_connect` (oidc_user,oidc_subject,oidc_issuer) VALUES ('14',NULL,'https://auth.xxxx.com.br/adfs') ON DUPLICATE KEY UPDATE oidc_subject = NULL,oidc_issuer = 'https://auth.xxxx.com.br/adfs'
Function: OpenIDConnect::saveExtraAttributes
Error: 1048 Column 'oidc_subject' cannot be null (mediawiki-mysql)
Backtrace:

#0 /var/www/html/includes/libs/rdbms/database/Database.php(1556): Wikimedia\Rdbms\Database->getQueryExceptionAndLog(string, integer, string, string)
#1 /var/www/html/includes/libs/rdbms/database/Database.php(1274): Wikimedia\Rdbms\Database->reportQueryError(string, integer, string, string, boolean)
#2 /var/www/html/includes/libs/rdbms/database/DatabaseMysqlBase.php(1380): Wikimedia\Rdbms\Database->query(string, string)
#3 /var/www/html/extensions/OpenIDConnect/src/OpenIDConnect.php(283): Wikimedia\Rdbms\DatabaseMysqlBase->upsert(string, array, array, array, string)
#4 /var/www/html/extensions/PluggableAuth/includes/PluggableAuthPrimaryAuthenticationProvider.php(124): OpenIDConnect->saveExtraAttributes(integer)
#5 /var/www/html/includes/auth/AuthManager.php(2444): PluggableAuthPrimaryAuthenticationProvider->autoCreatedAccount(User, string)
#6 /var/www/html/includes/auth/AuthManager.php(1743): MediaWiki\Auth\AuthManager->callMethodOnProviders(integer, string, array)
#7 /var/www/html/includes/auth/AuthManager.php(622): MediaWiki\Auth\AuthManager->autoCreateUser(User, string, boolean)
#8 /var/www/html/includes/specialpage/AuthManagerSpecialPage.php(355): MediaWiki\Auth\AuthManager->continueAuthentication(array)
#9 /var/www/html/includes/specialpage/AuthManagerSpecialPage.php(482): AuthManagerSpecialPage->performAuthenticationStep(string, array)
#10 /var/www/html/includes/htmlform/HTMLForm.php(660): AuthManagerSpecialPage->handleFormSubmit(array, VFormHTMLForm)
#11 /var/www/html/includes/specialpage/AuthManagerSpecialPage.php(416): HTMLForm->trySubmit()
#12 /var/www/html/includes/specialpage/LoginSignupSpecialPage.php(313): AuthManagerSpecialPage->trySubmit()
#13 /var/www/html/includes/specialpage/SpecialPage.php(569): LoginSignupSpecialPage->execute(NULL)
#14 /var/www/html/includes/specialpage/SpecialPageFactory.php(558): SpecialPage->run(NULL)
#15 /var/www/html/includes/MediaWiki.php(288): MediaWiki\Special\SpecialPageFactory->executePath(Title, RequestContext)
#16 /var/www/html/includes/MediaWiki.php(865): MediaWiki->performRequest()
#17 /var/www/html/includes/MediaWiki.php(515): MediaWiki->main()
#18 /var/www/html/index.php(42): MediaWiki->run()
#19 {main}`

On the composer file I'm using the version:
"jumbojett/openid-connect-php": "^0.8.0"

And i'm using the extensions:

  • OpenIDConnect-REL1_33-0467f7b.tar.gz
  • PluggableAuth-REL1_33-a69f626.tar.gz
@cicalese
Copy link
Collaborator

cicalese commented Dec 4, 2019

You can ask for help with the OpenID Connect MediaWiki extension at https://www.mediawiki.org/wiki/Extension_talk:OpenID_Connect and file a bug report at https://phabricator.wikimedia.org/maniphest/task/edit/form/1/?tags=mediawiki-extensions-openid-connect. I will respond here, but further discussion can be moved to those locations if it turns out the issue is with the MediaWiki extension and not the library.

The problem being reported is that the oidc_subject field is null:

INSERT INTO openid_connect` (oidc_user,oidc_subject,oidc_issuer) VALUES ('14',NULL,'https://auth.xxxx.com.br/adfs') ON DUPLICATE KEY UPDATE oidc_subject = NULL,oidc_issuer = 'https://auth.xxxx.com.br/adfs'

It would be helpful to turn on debug logging if you have not already done so (see https://www.mediawiki.org/wiki/Manual:How_to_debug#Logging) and look for lines that begin with "[OpenID Connect]". In particular, you want to see if a valid subject was returned by the authentication request.

@brunopenso
Copy link
Contributor Author

Let me open in the correct place! THanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cicalese @brunopenso