Redmine Azure AD authentication

Added by Swanand Kulkarni 2 months ago

Hi. I am trying to use the omniauth plugin available at https://github.com/Gucin/redmine_omniauth_azure to authenticate with my Azure Active Directory. I was able to get to the point where I am redirected to the MS signing page. After entering my credentials however, I get an error 500. The log reads as follows:

***************************
I, [2021-07-20T04:26:22.111655 #1] INFO -- : Current user: anonymous
E, [2021-07-20T04:26:22.361097 #1] ERROR -- : [{"aud"=>"00000002-0000-0000-c000-000000000000", "iss"=>"https://sts.windows.net/48f7eb2-bf2c-450e-8fba-d0c5ad7b9ba8/", "iat"=>1626754882, "nbf"=>1626754882, "exp"=>1626758782, "acr"=>"1", "aio"=>"E2ZgYPgu07Tx626BfplGbu38fVdY+rqja36/kxmi2tz6evvLscB", "amr"=>["pwd"], "appid"=>"myappid", "appidacr"=>"1", "fmily_name"=>"userlastname", "given_name"=>"userfirstname", "ipaddr"=>"useripaddress", "name"=>"user fullname", "oid"=>"850e92f6-a6fe4824-bd23-a2cbda106d06", "puid"=>"100320014C4D1D14", "rh"=>"0.AXAAsn6PlCy_DkWPutDFrXubqNRlxl_ReF9Hr4xqMLI-6_hwAAc.", "scp"=>"Usr.Read", "sub"=>"1NveMbKBaaMt4doiDzywlXeTh9xMJAA8Xafn0XQdPFI", "tenant_region_scope"=>"AS", "tid"=>"948f7eb2-bf2c-450e-8fba-d0cad7b9ba8", "unique_name"=>"", "upn"=>"", "uti"=>"TyW2oUslJ0auHm3UYyP7A", "ver"=>"1.0"}, {"typ"=>"JWT", "alg"=>"RS256", "x5t"=>"nOo3ZDrODXEK1jKWhXslHR_KXEg", "kid"=>"nOo3ZDrODXEK1jKWhXslHR_KXEg"}]
I, [2021-07-20T04:26:22.368833 #1] INFO -- : Completed 500 Internal Server Error in 266ms (ActiveRecord: 6.0ms)
F, [2021-07-20T04:26:22.370235 #1] FATAL -- :
F, [2021-07-20T04:26:22.370338 #1] FATAL -- : ArgumentError (wrong number of arguments (given 0, expected 1..2)):
F, [2021-07-20T04:26:22.370503 #1] FATAL -- :
F, [2021-07-20T04:26:22.370741 #1] FATAL -- : app/controllers/account_controller.rb:476:in `account_pending'
plugins/redmine_omniauth_azure/app/controllers/redmine_oauth_controller.rb:85:in `try_to_login'
plugins/redmine_omniauth_azure/app/controllers/redmine_oauth_controller.rb:39:in `checked_try_to_login'
plugins/redmine_omniauth_azure/app/controllers/redmine_oauth_controller.rb:29:in `oauth_azure_callback'
lib/redmine/sudo_mode.rb:61:in `sudo_mode'
192.168.10.65 - - [20/Jul/2021:04:26:22 UTC] "GET /oauth2callback_azure?code=0.AXAAsn6PlCy_DkWPutDFrXubqNRlxl_ReF9Hr4xqMLI-6_hwAA.AQABAAIAAAD--DLA3VO7QrddgJg7Wevrjv1fL2lNPb4IjZpQ7E_11pi4A7NUhZWx4Ege2jrWcHZAch_3AEMjzRoSVNebzkbgWEBzQSQKq9IVVzgeuRpbM4jTmAFNBNfCnHd4kjHxxIlkYd_W-ml26sI4IZ-DIh15M4trJUxh2J4fLzdHXwuZN6LtnSjUSd7xe7u6cVSkhfMrozDvdJYjeWzJXKHpGnAqojNSkDR78tLXQUvZE0IbAEE67y52LriP7GCmEZAss9p3QtijyYLyLJRs8j8RgLxZhEtk_p3NzRjarDRKqAawpiMzNMiu60aPjyltkz4LnkOM6qX-V11VeliOW9a94ySCYaXLzqVlg9miLQfN3lU-jTDV8JRjlfympgrAFoeYx5of-hur2do-6f0ePmRK4X17lwMDKv3-3oterGh3O0VDoPiFQCiBv7ZxNDihzIH9ngd6ZpH41otKi1ZCDZkVloecgksanxN3Vh4QMz3hpauRbIcCeSk8XwBS3GnXXE0teWkZBmrU-kBjZtntnLZN4lgD04OmyBRpd9Sat2poMdMLBOSWctL8hvaYU2u--3RBdBk0aYLzLydAy2vzrs4ZIAA&session_state=448ed814-26d-43e5-bd90-c49e46d89f46 HTTP/1.0" 500 648
https://login.microsoftonline.com/ -> /oauth2callback_azure?code=0.AXAAsn6PlCy_DkWPutDFrXubqNRlxl_ReF9Hr4xqMLI-6_hwAAA.AQABAAIAAD--DLA3VO7QrddgJg7Wevrjv1fL2lNPb4IjZpQ7E_11pi4A7NUhZWx4Ege2jrWcHZAch_3AEMjzRoSVNebzkbgWEBzQSQKq9IVVzgeuRpbM4jTmAFNcBNfCnHd4kjHxIlkYd_W-ml26sI4IZ-DIh15M4trJUxh2J4fLzdHXwuZN6LtnSjUSd7xe7u6cVSkhfMrozDvdJYjeWzJXKHpGnAqojNSkDR78tLXQUvZE0IbAEE67y5I2LriP7GCmEZss9p3QtijyYLyLJRs8j8RgLxZhEtk_p3NzRjarDRKqAawpiMzNMiu60aPjyltkz4LnkOM6qX-V11VeliOW9a94ySCYaXLzqVlg9miLQfN3lU-jTDV8JmRjlfympgrAFeYx5of-hur2do-6f0ePmRK4X17lwMDKv3-3oterGh3O0VDoPiFQCiBv7ZxNDihzIH9ngd6ZpH41otKi1ZCDZkVloecgksanxN3Vh4QMz3hpauRbIcCeVSk8XwBS3GnXE0teWkZBmrU-kBjZtntnLZN4lgD04OmyBRpd9Sat2poMdMLBOSWctL8hvaYU2u--3RBdBk0aYLzLydAy2vzrs4ZIAA&session_state=448ed814-2e6d-43e5-bd9-c49e46d89f46
192.168.10.65 - - [20/Jul/2021:04:26:22 UTC] "GET /favicon.ico HTTP/1.0" 200 7886
https://BASEREDMINEURL/oauth2callback_azure?code=0.AXAAsn6PlCy_DkWPutDFrXubqNRlxl_ReF9Hr4xqMLI-6_hwAAA.AQABAAIAAAD--DLA3O7QrddgJg7Wevrjv1fL2lNPb4IjZpQ7E_11pi4A7NUhZWx4Ege2jrWcHZAch_3AEMjzRoSVNebzkbgWEBzQSQKq9IVVzgeuRpbM4jTmAFNcBNfCnHd4kjHxxIlkYd_Wml26sI4IZ-DIh15M4trJUxh2J4fLzdHXwuZN6LtnSjUSd7xe7u6cVSkhfMrozDvdJYjeWzJXKHpGnAqojNSkDR78tLXQUvZE0IbAEE67y5I2LriP7GCmEZAss9p3QtiyYLyLJRs8j8RgLxZhEtk_p3NzRjarDRKqAawpiMzNMiu60aPjyltkz4LnkOM6qX-V11VeliOW9a94ySCYaXLzqVlg9miLQfN3lU-jTDV8JmRjlfympgrAFoeYx5of-hr2do-6f0ePmRK4X17lwMDKv3-3oterGh3O0VDoPiFQCiBv7ZxNDihzIH9ngd6ZpH41otKi1ZCDZkVloecgksanxN3Vh4QMz3hpauRbIcCeVSk8XwBS3GnXXE0teWkZBrU-kBjZtntnLZN4lgD04OmyBRpd9Sat2poMdMLBOSWctL8hvaYU2u--3RBdBk0aYLzLydAy2vzrs4ZIAA&session_state=448ed814-2e6d-43e5-bd90-c49e46d9f46 -> /favicon.ico

Can someone please guide me on what I am doing wrong? Also, please let me know if there is any other plugin that can be used to authenticate via Azure AD

Thanks in advance.

PS -

My Environment details:
Redmine version 4.2.1.stable
Ruby version 2.7.3-p183 (2021-04-05) [x86_64-linux]
Rails version 5.2.5
Environment production
Database adapter PostgreSQL
Mailer queue ActiveJob::QueueAdapters::AsyncAdapter
Mailer delivery smtp