Re: OAUTH2 tokeninfo is doing a GET instead of a POST request

2023-10-26 Thread Alexander Leidinger via dovecot
Am 2023-10-25 20:54, schrieb Aki Tuomi: Seems your issue is oauth2(email,IP,): oauth2 failed: Local validation failed: client_id not found in aud field This is a recently added thing, as oauth2 spec requires to check this. If you are using local validation, you can opt to leave client_id emp

Re: OAUTH2 tokeninfo is doing a GET instead of a POST request

2023-10-25 Thread Aki Tuomi via dovecot
> On 25/10/2023 16:02 EEST Alexander Leidinger via dovecot > wrote: > > > Am 2023-10-25 08:03, schrieb Aki Tuomi: > >> On 24/10/2023 17:25 EEST Alexander Leidinger via dovecot > >> wrote: > >> > >> > >> Am 2023-10-24 15:14, schrieb Aki Tuomi: > >> >> On 24/10/2023 15:49 EEST Alexander Le

Re: OAUTH2 tokeninfo is doing a GET instead of a POST request

2023-10-25 Thread Alexander Leidinger via dovecot
Am 2023-10-25 08:03, schrieb Aki Tuomi: On 24/10/2023 17:25 EEST Alexander Leidinger via dovecot wrote: Am 2023-10-24 15:14, schrieb Aki Tuomi: >> On 24/10/2023 15:49 EEST Alexander Leidinger via dovecot >> wrote: >> >> >> Am 2023-10-23 08:43, schrieb Aki Tuomi: >> > Don't set tokeninfo url

Re: OAUTH2 tokeninfo is doing a GET instead of a POST request

2023-10-24 Thread Aki Tuomi via dovecot
> On 24/10/2023 17:25 EEST Alexander Leidinger via dovecot > wrote: > > > Am 2023-10-24 15:14, schrieb Aki Tuomi: > >> On 24/10/2023 15:49 EEST Alexander Leidinger via dovecot > >> wrote: > >> > >> > >> Am 2023-10-23 08:43, schrieb Aki Tuomi: > >> > Don't set tokeninfo url if you require

Re: OAUTH2 tokeninfo is doing a GET instead of a POST request

2023-10-24 Thread Alexander Leidinger via dovecot
Am 2023-10-24 15:14, schrieb Aki Tuomi: On 24/10/2023 15:49 EEST Alexander Leidinger via dovecot wrote: Am 2023-10-23 08:43, schrieb Aki Tuomi: > Don't set tokeninfo url if you require POST query. It's not mandatory > to set all endpoints. If I comment out the tokeninfo_url (the rest the sam

Re: OAUTH2 tokeninfo is doing a GET instead of a POST request

2023-10-24 Thread Aki Tuomi via dovecot
> On 24/10/2023 15:49 EEST Alexander Leidinger via dovecot > wrote: > > > Am 2023-10-23 08:43, schrieb Aki Tuomi: > > Don't set tokeninfo url if you require POST query. It's not mandatory > > to set all endpoints. > > If I comment out the tokeninfo_url (the rest the same as in the qorking

Re: OAUTH2 tokeninfo is doing a GET instead of a POST request

2023-10-24 Thread Alexander Leidinger via dovecot
Am 2023-10-23 08:43, schrieb Aki Tuomi: Don't set tokeninfo url if you require POST query. It's not mandatory to set all endpoints. If I comment out the tokeninfo_url (the rest the same as in the qorking config below in the quote), I get the error message "oauth2 failed: Introspection failed:

Re: OAUTH2 tokeninfo is doing a GET instead of a POST request

2023-10-23 Thread Aki Tuomi via dovecot
Don't set tokeninfo url if you require POST query. It's not mandatory to set all endpoints. Also if you are using jwt, you can also opt to do local validation instead. Aki > On 17/10/2023 16:03 EEST Alexander Leidinger via dovecot > wrote: > > > Hi, > > I try to setup oauth2 authenticatio

OAUTH2 tokeninfo is doing a GET instead of a POST request

2023-10-19 Thread Alexander Leidinger via dovecot
Hi, I try to setup oauth2 authentication with dovecot 2.3.21. The debug log of dovecot shows that it tries to do a HTTP GET request to the tokeninfo url with the token appended to the end of the URL. This gives a 404 error. The openidconnect server I use (keycloak) tells that this API endpoin