mod_auth_openidc through apache Reverse Proxy, error #1012

sirpatrick2 · 2023-02-09T12:16:26Z

sirpatrick2
Feb 9, 2023

We could successfully implement mod_auth_openidc and Azure Active Directory Authentication.
Therefore, accessing or WEB application from inside the LAN works fine.

Now we would like to access our Web App from outside, by proxying through an Apache Reverse Proxy which is on our DMZ.

LAN Web APP:
https://lxinp.ofima.ch/testautidc/

OIDCProviderMetadataURL [...]
OIDCRedirectURI [...]
# This must match the Redirect URI of Azure configuration above

# Application (client) ID
OIDCClientID [...]
OIDCClientSecret [...]
OIDCCryptoPassphrase [...]
OIDCRemoteUserClaim upn
OIDCStateMaxNumberOfCookies 5 true
OIDCCacheShmEntrySizeMax 66065
OIDCCookie mod_auth_openidc_session

<Location /testautidc>
    SSLRequireSSL
    SSLOptions +StdEnvVars

    AuthType openid-connect
    require valid-user
    LogLevel debug
</Location>

Accessing from outside (through reverse Proxy)
https://testidcproxy.ofima.ch/

With ProxyPreserveHost Off: I get error 500
oidc_authenticate_user: the URL hostname ([lxinp.ofima.ch](http://lxinp.ofima.ch/)) of the configured OIDCRedirectURI does not match the URL hostname of the URL being accessed ([testidcproxy.ofima.ch](http://testidcproxy.ofima.ch/))

With ProxyPreserveHost On i get error 400:

oidc_authorization_response_match_state: unable to restore state
oidc_handle_authorization_response: invalid authorization response state and no default SSO URL is set, sending an error...

Proxy host Apache configuration:

<VirtualHost *:443>
 ServerName testidcproxy.ofima.ch:443

 #ProxyPreserveHost Off
 ProxyPreserveHost On

 ProxyPass        "/" "https://lxinp.ofima.ch/testautidc/"
 ProxyPassReverse "/" "https://lxinp.ofima.ch/testautidc/"

 SSLEngine On
 SSLCertificateFile /etc/apache2/ssl.crt/star_ofima_ch.crt
 SSLCertificateKeyFile /etc/apache2/ssl.key/star_ofima_ch.key
 SSLCertificateChainFile /etc/apache2/ssl.crt/SectigoRSAOVBundle.pem
</VirtualHost>

I can I make this configuration working?
Tanks and regards,

Answered by zandbelt

Feb 9, 2023

you should be able to set a relative redirect URI e.g. OIDCRedirectURI /testautidc/redirect_uri and register both https://testidcproxy.ofima.ch/testautidc/redirect_uri and https://lxinp.ofima.ch/testautidc/redirect_uri as Redirect URIs in the Azure Active Directory configuration for the mod_auth_openidc Client

View full answer

zandbelt · 2023-02-09T12:25:54Z

zandbelt
Feb 9, 2023
Maintainer

you should be able to set a relative redirect URI e.g. OIDCRedirectURI /testautidc/redirect_uri and register both https://testidcproxy.ofima.ch/testautidc/redirect_uri and https://lxinp.ofima.ch/testautidc/redirect_uri as Redirect URIs in the Azure Active Directory configuration for the mod_auth_openidc Client

0 replies

sirpatrick2 · 2023-02-09T13:38:12Z

sirpatrick2
Feb 9, 2023
Author

Thanks a lot,
I register both https://testidcproxy.ofima.ch/testautidc/redirect_uri and https://lxinp.ofima.ch/testautidc/redirect_uri as Redirect URIs in the Azure Active Directory configuration as you suggested.
On apache web, the relative URL:
OIDCRedirectURI /testautidc/redirect_uri

I get error

AADSTS50011: The redirect URI 'https://testidcproxy.ofima.ch/testautidc/redirect_uri' specified in the request does not match the redirect URIs configured for the application '1fdab53e-8339-4dc0-a228-171fad1921fa'.

Log:

oidc_util_request_matches_url: comparing "/testautidc/"=="/testautidc/redirect_uri"
oidc_get_browser_state_hash: enter
oidc_util_hdr_in_get: X-Forwarded-For=192.1.2.127
oidc_util_hdr_in_get: User-Agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 Edg/109.0.1518.78
oidc_util_create_symmetric_key: key_len=32
oidc_util_set_cookie_append_value: no cookie append environment variable OIDC_SET_COOKIE_APPEND found
oidc_util_hdr_err_out_add: Set-Cookie: mod_auth_openidc_state_IfEVk_5HdmW5OG5eFFeeEby8NLo=eyJhbGciOiAiZGlyIiwgVuYyI6ICJBMjU2R0NNIn0..Sq4LhWWL55N3OfOx.T1EOD_t9dVb-DzYntmGWFx29GEDp1nPt6CiXe8fSsDDGsFcSqbGJ5rFSGNQ-4fF7eKKY_PQ3ESAls0rHmF5GrwCC13SsJ0ZZU-kFrQO4UctBRYe7QdxIUFGatNNYlYCIqdxQ9Cu8ioqEL3IPMdbg_ox2y5thrLZCSRZJaN6X_2BtLrx6tkfiQKnpZbiMJav27zOajHEu0RZgt6MGZu9-R01k2ZPRZeo4c25iwMg4ZajiFhuhuybw00rkiHWIon7w84pPH4RPttP1vj3agscphJJx_slOc55znQeB9WaNF9E71i0EkShhUESJcUVmGIRIH1vRC5Z6Vv-0cbQbJ1ArH-GiiaslZhIwbEnN5Qz2z_IEASpFlGB286VtsPw6umti2KjL-IJR1BaS68jBSwXOykYYOD5OLOfloHCdHHQzOYi6tQIbj8esu7_dOVg9TWHY2V-DIG.NAP-Hq548WWYjqzuJzO5Mg; Path=/; Secure; HttpOnly; SameSite=None
oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
oidc_check_x_forwarded_hdr: header X-Forwarded-Host received but OIDCXForwardedHeaders not configured for it
oidc_util_hdr_in_get: Host=testidcproxy.ofima.ch
Host=testidcproxy.ofima.ch
determined absolute redirect uri: https://testidcproxy.ofima.ch/testautidc/redirect_uri
X-Forwarded-Host=testidcproxy.ofima.ch
oidc_check_x_forwarded_hdr: header X-Forwarded-Host received but OIDCXForwardedHeaders not configured for it
Host=testidcproxy.ofima.ch
Host=testidcproxy.ofima.ch
oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch/testautidc/redirect_uri
oidc_proto_authorization_request: enter, issuer=https://sts.windows.net/49078764-2a24-4af0-9d14-12eac502836/, redirect_uri=https://testidcproxy.ofima.ch/testautidc/redirect_uri, state=IfEVk_5HdmW5OG5FFeeEby8NLo, proto_state={"ou":"https://testidcproxy.ofima.ch/testautidc/","om":"get","i":"https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/","rt":"code","n":"q0766t2FMX1rrJ8KiiVWet8crs3hI-DPOZbjsYfOB8","t":1675948829}, code_challenge=(null), auth_request_params=(null), path_scope=(null)
oidc_util_http_add_form_url_encoded_param: processing: response_type=code
oidc_util_http_add_form_url_encoded_param: processing: scope=openid
oidc_util_http_add_form_url_encoded_param: processing: client_id=1fdab53e-8339-4dc0-a228-171fad1921fa
oidc_util_http_add_form_url_encoded_param: processing: state=IfEVk_5HdmW5OG5eFFeeEby8NLo
oidc_util_http_add_form_url_encoded_param: processing: redirect_uri=https://testidcproxy.ofima.ch/testautidc/redirect_uri
oidc_util_http_add_form_url_encoded_param: processing: nonce=q0766t2FMX1rrJ8KFiiVWet8cr3hI-DPOZbjsYfOB8
oidc_util_http_query_encoded_url: url=https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/oauth2/authorize?response_type=code&scope=openid&client_id=1fdab53e-8339-4dc0-a228-171fad1921fa&state=IfEVk_5HdmW5OG5eFFeeEby8NLo&redirect_uri=https%3A%2F%2Ftestidcproxy.ofima.ch%2Ftestautidc%2Fredirect_uri&nonce=q0766t2FMX1rrJ8KFiVWet8crs3hI-DPOZbjsYfOB8
oidc_util_hdr_table_set: Location: https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/oauth2/authorize?response_type=code&scope=openid&client_id=1fdab53e-8339-4dc0-a228-171fd1921fa&state=IfEVk_5HdmW5OG5eFFeeEby8No&redirect_uri=https%3A%2F%2Ftestidcproxy.ofima.ch%2Ftestautidc%2Fredirect_uri&nonce=q0766t2FMX1rrJ8KFiiVWet8crs3hI-DPOZbjsYfOB8
oidc_util_hdr_err_out_add: Cache-Control: no-cache, no-store, max-age=0
oidc_proto_authorization_request: return: 302

10 replies

sirpatrick2 Feb 20, 2023
Author

Yes indeed. But I can't figure what could be the problem. Here is my trace from chrome:

zandbelt Feb 20, 2023
Maintainer

which version of mod_auth_openidc are you using?

sirpatrick2 Feb 20, 2023
Author

openSUSE Leap 15.4
Apache/2.4.51
mod_auth_openidc-2.4.12.2

zandbelt Feb 20, 2023
Maintainer

set LogLevel auth_openidc:debug and check the logs; they would say more about why it keeps re-authenticating, e.g. (a) no state cookie is found on return (if there's a URL/hostname/cookie naming issue) or (b) the state doesn't match (if you're behind a proxy that changes the X-Forwarded-For header).

sirpatrick2 Feb 20, 2023
Author

I don't see those errors, but this part just keeps repeating in my log.

[Mon Feb 20 10:27:06.379917 2023] [auth_openidc:debug] [pid 20464] src/mod_auth_openidc.c(4048): [client 192.168.99.80:53286] **oidc_check_user_id: incoming request**: "/testautidc/testautidc/redirect_uri?code=0.AU8AZ[....]d924", ap_is_initial_req(r)=1, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380163 2023] [auth_openidc:debug] [pid 20464] src/util.c(2565): [client 192.168.99.80:53286] oidc_util_hdr_in_get: Cookie=mod_auth_openidc_state_IRIiGwWynBmXl42t84vyzYgqG88=eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..-M6GQYyIYw0tZgeB.zp37f9lMaVeX5Y7cUMIwZVzn1RW_lQbJfHnULNIKM1ptlPshbIlUuAmd-aSZ-yJ4YmMpqkYPmj7lb1-lj0263rgnKji6eEb7x8kyUqYh2K-PY9S3ivNyPU95h8dfac9JYsDMAIpaZ_SenKAir3shRJE4l5JukoNjEiQJ6ooeR5kxh1SaYMHhyEj_5ytnAStBEE9DrNyIuQ0Z0tpRSSSiFR2-FheF37TINuUKBLDCgYwW5TOS6j94PP-DcxSEV7g-Y2lbcwsDn1hqWzH9FB9vZKSqL3cQ7023k8qfTKHiTRikIyNgHrXyoVKiQswq-d5uz5BTYGeBaC0f1MEI2j7A4BCgUp-mEGcH593XuPpESVG7UMWxeXA5HKG6jcM-fQ14-gxM5PNVLHSy9eRZD7l5X1vPCyNWK3Vj9xbH3BURmDt27kCyMATktnWIXboeZ5dqx7YT8dh8.hNYD19E_t9hvO8Zgq_6Z1A, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380236 2023] [auth_openidc:debug] [pid 20464] src/util.c(1281): [client 192.168.99.80:53286] oidc_util_get_cookie: returning "mod_auth_openidc_session" = <null>, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380268 2023] [auth_openidc:debug] [pid 20464] src/util.c(1443): [client 192.168.99.80:53286] oidc_util_request_matches_url: comparing "/testautidc/testautidc/redirect_uri"=="/testautidc/redirect_uri", referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380298 2023] [auth_openidc:debug] [pid 20464] src/util.c(2565): [client 192.168.99.80:53286] oidc_util_hdr_in_get: Sec-Fetch-Mode=navigate, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380323 2023] [auth_openidc:debug] [pid 20464] src/util.c(2565): [client 192.168.99.80:53286] oidc_util_hdr_in_get: Sec-Fetch-Mode=navigate, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380348 2023] [auth_openidc:debug] [pid 20464] src/util.c(2565): [client 192.168.99.80:53286] oidc_util_hdr_in_get: Sec-Fetch-Dest=document, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380372 2023] [auth_openidc:debug] [pid 20464] src/util.c(2565): [client 192.168.99.80:53286] oidc_util_hdr_in_get: Sec-Fetch-Dest=document, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380397 2023] [auth_openidc:debug] [pid 20464] src/util.c(2565): [client 192.168.99.80:53286] oidc_util_hdr_in_get: Accept=text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380426 2023] [auth_openidc:debug] [pid 20464] src/util.c(2565): [client 192.168.99.80:53286] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380475 2023] [auth_openidc:debug] [pid 20464] src/util.c(2565): [client 192.168.99.80:53286] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380501 2023] [auth_openidc:debug] [pid 20464] src/util.c(2565): [client 192.168.99.80:53286] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380531 2023] [auth_openidc:debug] [pid 20464] src/util.c(685): [client 192.168.99.80:53286] oidc_get_current_url: current URL 'https://testidcproxy.ofima.ch/testautidc/testautidc/redirect_uri?code=0.AU8AZIc[....]d924', referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380619 2023] [auth_openidc:debug] [pid 20464] src/mod_auth_openidc.c(2258): [client 192.168.99.80:53286] oidc_authenticate_user: enter, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380652 2023] [auth_openidc:debug] [pid 20464] src/cache/common.c(272): [client 192.168.99.80:53286] oidc_cache_get: enter: https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/.well-known/openid-configuration (section=p, decrypt=0, type=shm), referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.380731 2023] [auth_openidc:debug] [pid 20464] src/cache/common.c(304): [client 192.168.99.80:53286] oidc_cache_get: cache hit: return 1736 bytes from shm cache backend for key https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/.well-known/openid-configuration, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.381060 2023] [auth_openidc:debug] [pid 20464] src/proto.c(69): [client 192.168.99.80:53286] oidc_proto_generate_random_bytes: apr_generate_random_bytes call for 32 bytes, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.381110 2023] [auth_openidc:debug] [pid 20464] src/proto.c(71): [client 192.168.99.80:53286] oidc_proto_generate_random_bytes: apr_generate_random_bytes returned, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.381156 2023] [auth_openidc:debug] [pid 20464] src/util.c(1443): [client 192.168.99.80:53286] oidc_util_request_matches_url: comparing "/testautidc/testautidc/redirect_uri"=="/testautidc/redirect_uri", referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.381189 2023] [auth_openidc:debug] [pid 20464] src/mod_auth_openidc.c(209): [client 192.168.99.80:53286] oidc_get_browser_state_hash: enter, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.381216 2023] [auth_openidc:debug] [pid 20464] src/util.c(2565): [client 192.168.99.80:53286] oidc_util_hdr_in_get: X-Forwarded-For=192.1.2.127, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.381246 2023] [auth_openidc:debug] [pid 20464] src/util.c(2565): [client 192.168.99.80:53286] oidc_util_hdr_in_get: User-Agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.50, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.381308 2023] [auth_openidc:debug] [pid 20464] src/util.c(2380): [client 192.168.99.80:53286] oidc_util_create_symmetric_key: key_len=32, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.381609 2023] [auth_openidc:debug] [pid 20464] src/util.c(2565): [client 192.168.99.80:53286] oidc_util_hdr_in_get: Cookie=mod_auth_openidc_state_IRIiGwWynBmXl42t84vyzYgqG88=eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..-M6GQYyIYw0tZgeB.zp37f9lMaVeX5Y7cUMIwZVzn1RW_lQbJfHnULNIKM1ptlPshbIlUuAmd-aSZ-yJ4YmMpqkYPmj7lb1-lj0263rgnKji6eEb7x8kyUqYh2K-PY9S3ivNyPU95h8dfac9JYsDMAIpaZ_SenKAir3shRJE4l5JukoNjEiQJ6ooeR5kxh1SaYMHhyEj_5ytnAStBEE9DrNyIuQ0Z0tpRSSSiFR2-FheF37TINuUKBLDCgYwW5TOS6j94PP-DcxSEV7g-Y2lbcwsDn1hqWzH9FB9vZKSqL3cQ7023k8qfTKHiTRikIyNgHrXyoVKiQswq-d5uz5BTYGeBaC0f1MEI2j7A4BCgUp-mEGcH593XuPpESVG7UMWxeXA5HKG6jcM-fQ14-gxM5PNVLHSy9eRZD7l5X1vPCyNWK3Vj9xbH3BURmDt27kCyMATktnWIXboeZ5dqx7YT8dh8.hNYD19E_t9hvO8Zgq_6Z1A, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.381725 2023] [auth_openidc:debug] [pid 20464] src/util.c(199): [client 192.168.99.80:53286] oidc_util_jwt_verify: enter: JWT header={"alg": "dir", "enc": "A256GCM"}, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.381766 2023] [auth_openidc:debug] [pid 20464] src/util.c(2380): [client 192.168.99.80:53286] oidc_util_create_symmetric_key: key_len=32, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.381992 2023] [auth_openidc:debug] [pid 20464] src/util.c(1171): [client 192.168.99.80:53286] oidc_util_set_cookie_append_value: no cookie append environment variable OIDC_SET_COOKIE_APPEND found, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.382064 2023] [auth_openidc:debug] [pid 20464] src/util.c(2643): [client 192.168.99.80:53286] oidc_util_hdr_err_out_add: Set-Cookie: mod_auth_openidc_state_QrBK9aZnNi[.....]uGQ; Path=/; Secure; HttpOnly; SameSite=None, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.382195 2023] [auth_openidc:debug] [pid 20464] src/proto.c(647): [client 192.168.99.80:53286] oidc_proto_authorization_request: enter, issuer=https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/, redirect_uri=https://testidcproxy.ofima.ch/testautidc/redirect_uri, state=QrBK9aZnNiGgIQNJmBysz_HgE2g, proto_state={"ou":"https://testidcproxy.ofima.ch/testautidc/testautidc/redirect_uri?code=0.AU8AZIc[.....]d924","om":"get","i":"https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/","rt":"code","n":"DboBYD-1AYIbPA681eSQK6YPqXwEJorIiTnba29y2sk","t":1676885226}, code_challenge=(null), auth_request_params=(null), path_scope=(null), referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.382294 2023] [auth_openidc:debug] [pid 20464] src/util.c(787): [client 192.168.99.80:53286] oidc_util_http_add_form_url_encoded_param: processing: response_type=code, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.382503 2023] [auth_openidc:debug] [pid 20464] src/util.c(787): [client 192.168.99.80:53286] oidc_util_http_add_form_url_encoded_param: processing: scope=openid, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.382575 2023] [auth_openidc:debug] [pid 20464] src/util.c(787): [client 192.168.99.80:53286] oidc_util_http_add_form_url_encoded_param: processing: client_id=ca0ba4a4-f522-4891-aa55-34355ef7c175, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.382632 2023] [auth_openidc:debug] [pid 20464] src/util.c(787): [client 192.168.99.80:53286] oidc_util_http_add_form_url_encoded_param: processing: state=QrBK9aZnNiGgIQNJmBysz_HgE2g, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.382682 2023] [auth_openidc:debug] [pid 20464] src/util.c(787): [client 192.168.99.80:53286] oidc_util_http_add_form_url_encoded_param: processing: redirect_uri=https://testidcproxy.ofima.ch/testautidc/redirect_uri, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.382741 2023] [auth_openidc:debug] [pid 20464] src/util.c(787): [client 192.168.99.80:53286] oidc_util_http_add_form_url_encoded_param: processing: nonce=DboBYD-1AYIbPA681eSQK6YPqXwEJorIiTnba29y2sk, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.382795 2023] [auth_openidc:debug] [pid 20464] src/util.c(816): [client 192.168.99.80:53286] oidc_util_http_query_encoded_url: url=https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/oauth2/authorize?response_type=code&scope=openid&client_id=ca0ba4a4-f522-4891-aa55-34355ef7c175&state=QrBK9aZnNiGgIQNJmBysz_HgE2g&redirect_uri=https%3A%2F%2Ftestidcproxy.ofima.ch%2Ftestautidc%2Fredirect_uri&nonce=DboBYD-1AYIbPA681eSQK6YPqXwEJorIiTnba29y2sk, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.382839 2023] [auth_openidc:debug] [pid 20464] src/util.c(2621): [client 192.168.99.80:53286] oidc_util_hdr_table_set: Location: https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/oauth2/authorize?response_type=code&scope=openid&client_id=ca0ba4a4-f522-4891-aa55-34355ef7c175&state=QrBK9aZnNiGgIQNJmBysz_HgE2g&redirect_uri=https%3A%2F%2Ftestidcproxy.ofima.ch%2Ftestautidc%2Fredirect_uri&nonce=DboBYD-1AYIbPA681eSQK6YPqXwEJorIiTnba29y2sk, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.382871 2023] [auth_openidc:debug] [pid 20464] src/util.c(2643): [client 192.168.99.80:53286] oidc_util_hdr_err_out_add: Cache-Control: no-cache, no-store, max-age=0, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.382897 2023] [auth_openidc:debug] [pid 20464] src/proto.c(785): [client 192.168.99.80:53286] oidc_proto_authorization_request: return: 302, referer: https://login.microsoftonline.com/
[Mon Feb 20 10:27:06.580246 2023] [auth_openidc:debug] [pid 20464] src/mod_auth_openidc.c(4048): [client 192.168.99.80:53286] **oidc_check_user_id: incoming request**: "/testautidc/testautidc/redirect_uri?code=0.AU8[.....]2g&session_state=f258ab68-2df6-4d27-985c-d3061933d924", ap_is_initial_req(r)=1, referer: https://login.microsoftonline.com/

This part just keeps repeating then.
I am behind a reverseProxy, should I set something for forwarding the cookie, eg. X-Forwarded-For?

zandbelt · 2023-02-20T09:52:03Z

zandbelt
Feb 20, 2023
Maintainer

the Redirect URI is set to /testautidc/redirect_uri but the response comes in to /testautidc/testautidc/redirect_uri so mod_auth_openidc does not see this as an authorization response; you'll need to sort out proxying of that URL, best would be to use ProxyPass "/" "https://lxinp.ofima.ch/ or make separate ProxyPass statement for the Redirect URI only

0 replies

sirpatrick2 · 2023-02-20T16:03:41Z

sirpatrick2
Feb 20, 2023
Author

I tried separate ProxyPass as suggested:

 ProxyPreserveHost On

 ProxyPass        "/" "https://lxinp.ofima.ch/testautidc/"
 ProxyPassReverse "/" "https://lxinp.ofima.ch/testautidc/"
 
 ProxyPass        "/testautidc/redirect_uri" "https://lxinp.ofima.ch/testautidc/redirect_uri/"
 ProxyPassReverse "/testautidc/redirect_uri" "https://lxinp.ofima.ch/testautidc/redirect_uri/"

But still cannot get rid of that double /testautidc/testautidc/redirect_uri in oidc_get_current_url

oidc_get_current_url: current URL 'https://testidcproxy.ofima.ch/testautidc/testautidc/redirect_uri?code=0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPAAA.A[...]

1 reply

zandbelt Feb 20, 2023
Maintainer

https://stackoverflow.com/questions/25995277/apache-mod-proxy-proxypass-order-of-matching

sirpatrick2 · 2023-02-21T07:16:50Z

sirpatrick2
Feb 21, 2023
Author

OK, I changed the ProxyPass order to make the redirect before, but same result.
Then I just commented and left just one proxyPass and still cannot login via Proxy.

<VirtualHost *:443>
 ServerName testidcproxy.ofima.ch:443
    ProxyPass              "/" "https://lxinp.ofima.ch/testautidc/"
    ProxyPassReverse  "/" "https://lxinp.ofima.ch/testautidc/"

    SSLEngine On
    SSLCertificateFile /etc/apache2/ssl.crt/star_ofima_ch.crt
    SSLCertificateKeyFile /etc/apache2/ssl.key/star_ofima_ch.key
    SSLCertificateChainFile /etc/apache2/ssl.crt/SectigoRSAOVBundle.pem
    SSLProxyEngine on
</VirtualHost>

Here the log:

[Tue Feb 21 08:05:28.210266 2023] [auth_openidc:debug] [pid 18290] src/mod_auth_openidc.c(4048): [client 192.168.99.80:60760] oidc_check_user_id: incoming request: "/testautidc/?(null)", ap_is_initial_req(r)=1
[Tue Feb 21 08:05:28.210401 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 08:05:28.210437 2023] [auth_openidc:warn] [pid 18290] [client 192.168.99.80:60760] oidc_check_x_forwarded_hdr: header X-Forwarded-Host received but OIDCXForwardedHeaders not configured for it
[Tue Feb 21 08:05:28.210468 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Host=lxinp.ofima.ch
[Tue Feb 21 08:05:28.210493 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Host=lxinp.ofima.ch
[Tue Feb 21 08:05:28.210519 2023] [auth_openidc:debug] [pid 18290] src/util.c(704): [client 192.168.99.80:60760] oidc_get_redirect_uri: determined absolute redirect uri: https://lxinp.ofima.ch/testautidc/redirect_uri
[Tue Feb 21 08:05:28.210548 2023] [auth_openidc:debug] [pid 18290] src/util.c(1281): [client 192.168.99.80:60760] oidc_util_get_cookie: returning "mod_auth_openidc_session" = <null>
[Tue Feb 21 08:05:28.210573 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 08:05:28.210598 2023] [auth_openidc:warn] [pid 18290] [client 192.168.99.80:60760] oidc_check_x_forwarded_hdr: header X-Forwarded-Host received but OIDCXForwardedHeaders not configured for it
[Tue Feb 21 08:05:28.210623 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Host=lxinp.ofima.ch
[Tue Feb 21 08:05:28.210647 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Host=lxinp.ofima.ch
[Tue Feb 21 08:05:28.210671 2023] [auth_openidc:debug] [pid 18290] src/util.c(704): [client 192.168.99.80:60760] oidc_get_redirect_uri: determined absolute redirect uri: https://lxinp.ofima.ch/testautidc/redirect_uri
[Tue Feb 21 08:05:28.210698 2023] [auth_openidc:debug] [pid 18290] src/util.c(1443): [client 192.168.99.80:60760] oidc_util_request_matches_url: comparing "/testautidc/"=="/testautidc/redirect_uri"
[Tue Feb 21 08:05:28.210725 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Sec-Fetch-Mode=navigate
[Tue Feb 21 08:05:28.210748 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Sec-Fetch-Mode=navigate
[Tue Feb 21 08:05:28.210773 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Sec-Fetch-Dest=document
[Tue Feb 21 08:05:28.210797 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Sec-Fetch-Dest=document
[Tue Feb 21 08:05:28.210821 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Accept=text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
[Tue Feb 21 08:05:28.210878 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 08:05:28.210907 2023] [auth_openidc:warn] [pid 18290] [client 192.168.99.80:60760] oidc_check_x_forwarded_hdr: header X-Forwarded-Host received but OIDCXForwardedHeaders not configured for it
[Tue Feb 21 08:05:28.210932 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Host=lxinp.ofima.ch
[Tue Feb 21 08:05:28.210956 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Host=lxinp.ofima.ch
[Tue Feb 21 08:05:28.211025 2023] [auth_openidc:debug] [pid 18290] src/util.c(685): [client 192.168.99.80:60760] oidc_get_current_url: current URL 'https://lxinp.ofima.ch/testautidc/'
[Tue Feb 21 08:05:28.211054 2023] [auth_openidc:debug] [pid 18290] src/mod_auth_openidc.c(2258): [client 192.168.99.80:60760] oidc_authenticate_user: enter
[Tue Feb 21 08:05:28.211082 2023] [auth_openidc:debug] [pid 18290] src/cache/common.c(272): [client 192.168.99.80:60760] oidc_cache_get: enter: https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/.well-known/openid-configuration (section=p, decrypt=0, type=shm)
[Tue Feb 21 08:05:28.211121 2023] [auth_openidc:debug] [pid 18290] src/cache/common.c(304): [client 192.168.99.80:60760] oidc_cache_get: cache hit: return 1736 bytes from shm cache backend for key https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/.well-known/openid-configuration
[Tue Feb 21 08:05:28.211403 2023] [auth_openidc:debug] [pid 18290] src/proto.c(69): [client 192.168.99.80:60760] oidc_proto_generate_random_bytes: apr_generate_random_bytes call for 32 bytes
[Tue Feb 21 08:05:28.211458 2023] [auth_openidc:debug] [pid 18290] src/proto.c(71): [client 192.168.99.80:60760] oidc_proto_generate_random_bytes: apr_generate_random_bytes returned
[Tue Feb 21 08:05:28.211494 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 08:05:28.211521 2023] [auth_openidc:warn] [pid 18290] [client 192.168.99.80:60760] oidc_check_x_forwarded_hdr: header X-Forwarded-Host received but OIDCXForwardedHeaders not configured for it
[Tue Feb 21 08:05:28.211547 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Host=lxinp.ofima.ch
[Tue Feb 21 08:05:28.211571 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Host=lxinp.ofima.ch
[Tue Feb 21 08:05:28.211596 2023] [auth_openidc:debug] [pid 18290] src/util.c(704): [client 192.168.99.80:60760] oidc_get_redirect_uri: determined absolute redirect uri: https://lxinp.ofima.ch/testautidc/redirect_uri
[Tue Feb 21 08:05:28.211622 2023] [auth_openidc:debug] [pid 18290] src/util.c(1443): [client 192.168.99.80:60760] oidc_util_request_matches_url: comparing "/testautidc/"=="/testautidc/redirect_uri"
[Tue Feb 21 08:05:28.211653 2023] [auth_openidc:debug] [pid 18290] src/mod_auth_openidc.c(209): [client 192.168.99.80:60760] oidc_get_browser_state_hash: enter
[Tue Feb 21 08:05:28.211678 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: X-Forwarded-For=192.1.2.127
[Tue Feb 21 08:05:28.211704 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: User-Agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.50
[Tue Feb 21 08:05:28.211750 2023] [auth_openidc:debug] [pid 18290] src/util.c(2380): [client 192.168.99.80:60760] oidc_util_create_symmetric_key: key_len=32
[Tue Feb 21 08:05:28.211891 2023] [auth_openidc:debug] [pid 18290] src/util.c(1171): [client 192.168.99.80:60760] oidc_util_set_cookie_append_value: no cookie append environment variable OIDC_SET_COOKIE_APPEND found
[Tue Feb 21 08:05:28.211952 2023] [auth_openidc:debug] [pid 18290] src/util.c(2643): [client 192.168.99.80:60760] oidc_util_hdr_err_out_add: Set-Cookie: mod_auth_openidc_state_zvABbJBuekr2TKDb-Ilj3Nqq8Xc=eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..HV_prmDD1AmdTEIU.Wl1kACdlQUa3tIWVIK-bNjsnMqcyukABbJFTPozgSR-lQUyfIU5ABZFiQYKCvatYRfJ7JG66RRy8m0EkAni5BsMDcXK8poxC_xYSFqtSvxseyJVenoQY_EcAZtF3BInRoN9fAAg8M695S_Yp0wbXzu5cNw_xeS-HRlIHj0OLUfzlgAQfGIY95bgPgPnvxEzoqHUikmEl7JmPy33xIdFYk2G1OeH92Xy1unBn50er_sOXSv2fGQ0FmTAhlI23EjiW4K5Eibog0muY3t8aM5Rmexb2hFcUpOo8WJK6tA5LZn0dN5DEA0Hua52HKqgMPjoI7S4_ouI9VXfONTbuNwACSFUssj8DgVm1A0UNsSYOGPOFHDq-ZTPxCDGQkq4x_yEtBpmgGaDFmTsjQ_FN2FvSCLtoUtRXHFZNfVxEvWheWyCLzR3yiSR01jd6WaZo.RAhFV43JnhQCH2ldOO4ylw; Path=/; Secure; HttpOnly; SameSite=None
[Tue Feb 21 08:05:28.212028 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 08:05:28.212057 2023] [auth_openidc:warn] [pid 18290] [client 192.168.99.80:60760] oidc_check_x_forwarded_hdr: header X-Forwarded-Host received but OIDCXForwardedHeaders not configured for it
[Tue Feb 21 08:05:28.212084 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Host=lxinp.ofima.ch
[Tue Feb 21 08:05:28.212109 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Host=lxinp.ofima.ch
[Tue Feb 21 08:05:28.212135 2023] [auth_openidc:debug] [pid 18290] src/util.c(704): [client 192.168.99.80:60760] oidc_get_redirect_uri: determined absolute redirect uri: https://lxinp.ofima.ch/testautidc/redirect_uri
[Tue Feb 21 08:05:28.212162 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 08:05:28.212188 2023] [auth_openidc:warn] [pid 18290] [client 192.168.99.80:60760] oidc_check_x_forwarded_hdr: header X-Forwarded-Host received but OIDCXForwardedHeaders not configured for it
[Tue Feb 21 08:05:28.212213 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Host=lxinp.ofima.ch
[Tue Feb 21 08:05:28.212238 2023] [auth_openidc:debug] [pid 18290] src/util.c(2565): [client 192.168.99.80:60760] oidc_util_hdr_in_get: Host=lxinp.ofima.ch
[Tue Feb 21 08:05:28.212263 2023] [auth_openidc:debug] [pid 18290] src/util.c(704): [client 192.168.99.80:60760] oidc_get_redirect_uri: determined absolute redirect uri: https://lxinp.ofima.ch/testautidc/redirect_uri
[Tue Feb 21 08:05:28.212305 2023] [auth_openidc:debug] [pid 18290] src/proto.c(647): [client 192.168.99.80:60760] oidc_proto_authorization_request: enter, issuer=https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/, redirect_uri=https://lxinp.ofima.ch/testautidc/redirect_uri, state=zvABbJBuekr2TKDb-Ilj3Nqq8Xc, proto_state={"ou":"https://lxinp.ofima.ch/testautidc/","om":"get","i":"https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/","rt":"code","n":"uxDBPhKX1ByjKmHxlz88It6ha5S8wAL8Q75__21iE1Y","t":1676963128}, code_challenge=(null), auth_request_params=(null), path_scope=(null)
[Tue Feb 21 08:05:28.212342 2023] [auth_openidc:debug] [pid 18290] src/util.c(787): [client 192.168.99.80:60760] oidc_util_http_add_form_url_encoded_param: processing: response_type=code
[Tue Feb 21 08:05:28.212420 2023] [auth_openidc:debug] [pid 18290] src/util.c(787): [client 192.168.99.80:60760] oidc_util_http_add_form_url_encoded_param: processing: scope=openid
[Tue Feb 21 08:05:28.212481 2023] [auth_openidc:debug] [pid 18290] src/util.c(787): [client 192.168.99.80:60760] oidc_util_http_add_form_url_encoded_param: processing: client_id=ca0ba4a4-f522-4891-aa55-34355ef7c175
[Tue Feb 21 08:05:28.212538 2023] [auth_openidc:debug] [pid 18290] src/util.c(787): [client 192.168.99.80:60760] oidc_util_http_add_form_url_encoded_param: processing: state=zvABbJBuekr2TKDb-Ilj3Nqq8Xc
[Tue Feb 21 08:05:28.212589 2023] [auth_openidc:debug] [pid 18290] src/util.c(787): [client 192.168.99.80:60760] oidc_util_http_add_form_url_encoded_param: processing: redirect_uri=https://lxinp.ofima.ch/testautidc/redirect_uri
[Tue Feb 21 08:05:28.212651 2023] [auth_openidc:debug] [pid 18290] src/util.c(787): [client 192.168.99.80:60760] oidc_util_http_add_form_url_encoded_param: processing: nonce=uxDBPhKX1ByjKmHxlz88It6ha5S8wAL8Q75__21iE1Y
[Tue Feb 21 08:05:28.212708 2023] [auth_openidc:debug] [pid 18290] src/util.c(816): [client 192.168.99.80:60760] oidc_util_http_query_encoded_url: url=https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/oauth2/authorize?response_type=code&scope=openid&client_id=ca0ba4a4-f522-4891-aa55-34355ef7c175&state=zvABbJBuekr2TKDb-Ilj3Nqq8Xc&redirect_uri=https%3A%2F%2Flxinp.ofima.ch%2Ftestautidc%2Fredirect_uri&nonce=uxDBPhKX1ByjKmHxlz88It6ha5S8wAL8Q75__21iE1Y
[Tue Feb 21 08:05:28.212780 2023] [auth_openidc:debug] [pid 18290] src/util.c(2621): [client 192.168.99.80:60760] oidc_util_hdr_table_set: Location: https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/oauth2/authorize?response_type=code&scope=openid&client_id=ca0ba4a4-f522-4891-aa55-34355ef7c175&state=zvABbJBuekr2TKDb-Ilj3Nqq8Xc&redirect_uri=https%3A%2F%2Flxinp.ofima.ch%2Ftestautidc%2Fredirect_uri&nonce=uxDBPhKX1ByjKmHxlz88It6ha5S8wAL8Q75__21iE1Y
[Tue Feb 21 08:05:28.212814 2023] [auth_openidc:debug] [pid 18290] src/util.c(2643): [client 192.168.99.80:60760] oidc_util_hdr_err_out_add: Cache-Control: no-cache, no-store, max-age=0
[Tue Feb 21 08:05:28.212840 2023] [auth_openidc:debug] [pid 18290] src/proto.c(785): [client 192.168.99.80:60760] oidc_proto_authorization_request: return: 302
[Tue Feb 21 08:05:55.673298 2023] [auth_openidc:debug] [pid 18293] src/mod_auth_openidc.c(4048): [client 192.1.2.127:62653] oidc_check_user_id: incoming request: "/testautidc/redirect_uri?code=0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPAAA.AgABAAIAAAD--DLA3VO7QrddgJg7WevrAgDs_wUA9P9JfDu79a8wg0Pcb6Tyvk0IZ6H2mkrhwfvIOnQBj4iDqMFM0NZ5n8A2SHz5mn355n8Ju4DhE-hL0ud-TdEYDoXiCRmkbLrVJ0cgLH969WBbrZkf-syMSJQmmj2olC6VdDH30M436w-OKY6WKD3WbVJstyJvQt9ppiAJqZ_X9Jht2N5tS2MMbv-cMx-1c4MpE2cVjRWszmjsFpELl5bU32ox-p_R43GXJBbRoENI7Pm3Y1Yv7JrTxBwiJHdLwQDhrSfDoLkyXzQssFoHcMsNbwwVSnSd70OVWjB7HikuDb5k9ASckU1V06e99dhMycYE3H8eVNtIyOPPh8liBrwUpWUk6fry6l4N99HIxoctbyOTKpBRfdHdQ1R5xlXk80l2MDQKe5550AOTExlklsyQ7wTSech0uS0hf2Q5k176qXsbxOXiOARjqUJwYCfK3KbAVpss-jRuJgM1dt0IWg4WFno7sRcW8tdxbURvoTsuc1L1YXIvx3zhmMsNUeFtDDS60iwBPn0HLhECSOjLPVXtbiDrb46gk0ISvcxFcSq72X82ywTLFU2-LcX1XyPcbQZqR8atAT6Sj0pH5Ofm31PEbtQiGUIx0bjhKWITCIu9xnFbZUnwuPwC4GTOhVJC_cKA-Qnxd_NSwCR3MghurpP0d-CI0rHkPJLQaf1kjX3jRYNu1X82uYCCuGsPLz_ENiSjCxOb84k4B1Ge3J74iFo0_g&state=zvABbJBuekr2TKDb-Ilj3Nqq8Xc&session_state=499954df-deed-4da5-ab20-919d247a36e2", ap_is_initial_req(r)=1, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.673411 2023] [auth_openidc:debug] [pid 18293] src/util.c(2565): [client 192.1.2.127:62653] oidc_util_hdr_in_get: Host=lxinp.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.673447 2023] [auth_openidc:debug] [pid 18293] src/util.c(2565): [client 192.1.2.127:62653] oidc_util_hdr_in_get: Host=lxinp.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.673476 2023] [auth_openidc:debug] [pid 18293] src/util.c(704): [client 192.1.2.127:62653] oidc_get_redirect_uri: determined absolute redirect uri: https://lxinp.ofima.ch/testautidc/redirect_uri, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.673507 2023] [auth_openidc:debug] [pid 18293] src/util.c(1281): [client 192.1.2.127:62653] oidc_util_get_cookie: returning "mod_auth_openidc_session" = <null>, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.673535 2023] [auth_openidc:debug] [pid 18293] src/util.c(2565): [client 192.1.2.127:62653] oidc_util_hdr_in_get: Host=lxinp.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.673561 2023] [auth_openidc:debug] [pid 18293] src/util.c(2565): [client 192.1.2.127:62653] oidc_util_hdr_in_get: Host=lxinp.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.673587 2023] [auth_openidc:debug] [pid 18293] src/util.c(704): [client 192.1.2.127:62653] oidc_get_redirect_uri: determined absolute redirect uri: https://lxinp.ofima.ch/testautidc/redirect_uri, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.673616 2023] [auth_openidc:debug] [pid 18293] src/util.c(1443): [client 192.1.2.127:62653] oidc_util_request_matches_url: comparing "/testautidc/redirect_uri"=="/testautidc/redirect_uri", referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.673649 2023] [auth_openidc:debug] [pid 18293] src/mod_auth_openidc.c(2083): [client 192.1.2.127:62653] oidc_handle_redirect_authorization_response: enter, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.673862 2023] [auth_openidc:debug] [pid 18293] src/util.c(1767): [client 192.1.2.127:62653] oidc_util_read_form_encoded_params: read: code=0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPAAA.AgABAAIAAAD--DLA3VO7QrddgJg7WevrAgDs_wUA9P9JfDu79a8wg0Pcb6Tyvk0IZ6H2mkrhwfvIOnQBj4iDqMFM0NZ5n8A2SHz5mn355n8Ju4DhE-hL0ud-TdEYDoXiCRmkbLrVJ0cgLH969WBbrZkf-syMSJQmmj2olC6VdDH30M436w-OKY6WKD3WbVJstyJvQt9ppiAJqZ_X9Jht2N5tS2MMbv-cMx-1c4MpE2cVjRWszmjsFpELl5bU32ox-p_R43GXJBbRoENI7Pm3Y1Yv7JrTxBwiJHdLwQDhrSfDoLkyXzQssFoHcMsNbwwVSnSd70OVWjB7HikuDb5k9ASckU1V06e99dhMycYE3H8eVNtIyOPPh8liBrwUpWUk6fry6l4N99HIxoctbyOTKpBRfdHdQ1R5xlXk80l2MDQKe5550AOTExlklsyQ7wTSech0uS0hf2Q5k176qXsbxOXiOARjqUJwYCfK3KbAVpss-jRuJgM1dt0IWg4WFno7sRcW8tdxbURvoTsuc1L1YXIvx3zhmMsNUeFtDDS60iwBPn0HLhECSOjLPVXtbiDrb46gk0ISvcxFcSq72X82ywTLFU2-LcX1XyPcbQZqR8atAT6Sj0pH5Ofm31PEbtQiGUIx0bjhKWITCIu9xnFbZUnwuPwC4GTOhVJC_cKA-Qnxd_NSwCR3MghurpP0d-CI0rHkPJLQaf1kjX3jRYNu1X82uYCCuGsPLz_ENiSjCxOb84k4B1Ge3J74iFo0_g, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.673941 2023] [auth_openidc:debug] [pid 18293] src/util.c(1767): [client 192.1.2.127:62653] oidc_util_read_form_encoded_params: read: state=zvABbJBuekr2TKDb-Ilj3Nqq8Xc, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.673994 2023] [auth_openidc:debug] [pid 18293] src/util.c(1767): [client 192.1.2.127:62653] oidc_util_read_form_encoded_params: read: session_state=499954df-deed-4da5-ab20-919d247a36e2, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.674023 2023] [auth_openidc:debug] [pid 18293] src/util.c(1772): [client 192.1.2.127:62653] oidc_util_read_form_encoded_params: parsed: 910 bytes into 3 elements, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.674049 2023] [auth_openidc:debug] [pid 18293] src/mod_auth_openidc.c(1899): [client 192.1.2.127:62653] oidc_handle_authorization_response: enter, response_mode=query, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.674076 2023] [auth_openidc:debug] [pid 18293] src/mod_auth_openidc.c(1523): [client 192.1.2.127:62653] oidc_authorization_response_match_state: enter (state=zvABbJBuekr2TKDb-Ilj3Nqq8Xc), referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.674102 2023] [auth_openidc:debug] [pid 18293] src/mod_auth_openidc.c(616): [client 192.1.2.127:62653] oidc_restore_proto_state: enter, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.674130 2023] [auth_openidc:debug] [pid 18293] src/util.c(1281): [client 192.1.2.127:62653] oidc_util_get_cookie: returning "mod_auth_openidc_state_zvABbJBuekr2TKDb-Ilj3Nqq8Xc" = <null>, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.674157 2023] [auth_openidc:error] [pid 18293] [client 192.1.2.127:62653] oidc_restore_proto_state: no "mod_auth_openidc_state_zvABbJBuekr2TKDb-Ilj3Nqq8Xc" state cookie found: check domain and samesite cookie settings, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.674183 2023] [auth_openidc:error] [pid 18293] [client 192.1.2.127:62653] oidc_authorization_response_match_state: unable to restore state, referer: https://login.microsoftonline.com/
[Tue Feb 21 08:05:55.674209 2023] [auth_openidc:error] [pid 18293] [client 192.1.2.127:62653] oidc_handle_authorization_response: invalid authorization response state and no default SSO URL is set, sending an error..., referer: https://login.microsoftonline.com/

1 reply

zandbelt Feb 21, 2023
Maintainer

[Tue Feb 21 08:05:28.210437 2023] [auth_openidc:warn] [pid 18290] [client 192.168.99.80:60760] oidc_check_x_forwarded_hdr: header X-Forwarded-Host received but OIDCXForwardedHeaders not configured for it

you'll need to configure OIDCXForwardedHeaders as well as use the specific ProxyPass for the redirect_uri before the generic one

sirpatrick2 · 2023-02-21T12:20:09Z

sirpatrick2
Feb 21, 2023
Author

Thanks a lot zandbelt for your precious help.

OK, OIDCXForwardedHeaders configured.
Did specific ProxyPass redirect before the generic as suggested, like this.

<VirtualHost *:443>
 ServerName testidcproxy.ofima.ch:443
 ProxyPreserveHost On
 RequestHeader set X-Forwarded-Proto: "https"
 RequestHeader set X-Forwarded-Port: 443

 ProxyPass        "/testautidc/redirect_uri/" "https://lxinp.ofima.ch/testautidc/redirect_uri/"
 ProxyPassReverse "/testautidc/redirect_uri/" "https://lxinp.ofima.ch/testautidc/redirect_uri/"

 ProxyPass        "/" "https://lxinp.ofima.ch/testautidc/"
 ProxyPassReverse "/" "https://lxinp.ofima.ch/testautidc/"
 

 SSLEngine On
 SSLCertificateFile /etc/apache2/ssl.crt/star_ofima_ch.crt
 SSLCertificateKeyFile /etc/apache2/ssl.key/star_ofima_ch.key
 SSLCertificateChainFile /etc/apache2/ssl.crt/SectigoRSAOVBundle.pem

 SSLProxyEngine on
</VirtualHost>

But still got those oidc_util_request_matches_url: comparing "/testautidc/testautidc/redirect_uri"=="/testautidc/redirect_uri" in my log file.
How can I write the specific redirect proxy to have the correct match?

ProxyPass        "/testautidc/redirect_uri/" "https://lxinp.ofima.ch/testautidc/redirect_uri/"
ProxyPassReverse "/testautidc/redirect_uri/" "https://lxinp.ofima.ch/testautidc/redirect_uri/"

9 replies

zandbelt Feb 21, 2023
Maintainer

ProxyPass        "/testautidc/redirect_uri" "https://lxinp.ofima.ch/testautidc/redirect_uri/"
ProxyPassReverse "/testautidc/redirect_uri" "https://lxinp.ofima.ch/testautidc/redirect_uri/"

needs to be

ProxyPass        "/testautidc/redirect_uri" "https://lxinp.ofima.ch/testautidc/redirect_uri"
ProxyPassReverse "/testautidc/redirect_uri" "https://lxinp.ofima.ch/testautidc/redirect_uri"

i.e. also remove the trailing slashes in the 2nd parameter value

sirpatrick2 Feb 21, 2023
Author

I did that. Now it seems I get authenticated from the log,

ProxyPass        "/testautidc/redirect_uri" "https://lxinp.ofima.ch/testautidc/redirect_uri"
ProxyPassReverse "/testautidc/redirect_uri" "https://lxinp.ofima.ch/testautidc/redirect_uri"

gives me error 404

See log file:
[...]

[Tue Feb 21 14:06:59.093918 2023] [auth_openidc:debug] [pid 8243] src/util.c(2621): [client 192.168.99.80:34546] oidc_util_hdr_table_set: OIDC_CLAIM_upn: [email protected], referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.093943 2023] [auth_openidc:debug] [pid 8243] src/util.c(2070): [client 192.168.99.80:34546] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_upn: [email protected]", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.093970 2023] [auth_openidc:debug] [pid 8243] src/util.c(2621): [client 192.168.99.80:34546] oidc_util_hdr_table_set: OIDC_CLAIM_uti: oD1ksf9gdEiqSuSvhKFiAA, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.093996 2023] [auth_openidc:debug] [pid 8243] src/util.c(2070): [client 192.168.99.80:34546] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_uti: oD1ksf9gdEiqSuSvhKFiAA", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.094022 2023] [auth_openidc:debug] [pid 8243] src/util.c(2621): [client 192.168.99.80:34546] oidc_util_hdr_table_set: OIDC_CLAIM_ver: 1.0, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.094048 2023] [auth_openidc:debug] [pid 8243] src/util.c(2070): [client 192.168.99.80:34546] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_ver: 1.0", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.094109 2023] [auth_openidc:debug] [pid 8243] src/util.c(2621): [client 192.168.99.80:34546] oidc_util_hdr_table_set: OIDC_access_token: PAQABAAAAAAD--DLA3VO7QrddgJg7WevrvxMYRYea4NvL71DJazpKb4oI0fOjn1wQjT8GWJTdm6HdR_s5QqyyE6-1DRCD94c9dMjjJ4KqXTY4zWm7lTTDEBLsnlnQzZVYMPE_GU9H_zUvX-n-2xthimhhAKaAt2WpxMWLhffJfj4LdwaT4b4v1SsWasRItD8p-BVwZXHMoVqN3kpTRPtXGsTlxihhAMXGe8TvXcrehWsupZZ2M8Xivmjs_6s6GKEdQGhIAiDD6GcTUVUdeVLNJFU9vKPTBJu2GMSqNc0VqmxPTFnWltLu1Ml8uY0DFV8jXbkh9-XSjH8U0iqMJA5GIgtsVu3zZGtPmCwWXjXJInC1G07yS8E68F2WMbJX7rHGiDy1Z9ccqvaDcXcjOFHFIn0OzEL9Fb9EqoUEbL8GT5Kqk7JHKbcdDey2TuSc_1fFIQR8AB_ZkpWBZ8PR4NwY0d-zkxUumaMhQFfl5P4_w7t7BdgxgpDrqa0Vip6oT7qtW2_B1CC55WJIwT-X7tBIhloxKU3RnHqSxg21WT8SsYpBUqLZBGF2_rcfIRmZ-M4h43WEUlYRwkVXqFDKDpngsb7Kh1622U-ikvxm42ukq1U1eo-BTPmWWZD2Zka8ePlgJD_Fm8sShmYTJP0F-vsmN012AP7h90G5ddp6LEVcr9mcyeC1FVzsAM_DZL0McLu_XfyzZub25AZUEFSbQU0NSZ3g0Gk66GKJka3w6n3YDPB3JmX2OqyirTDC5UcTc71u1WBBBBx3Br_H5bDJpr-VsLtWuJbvWPRHIAA, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.094147 2023] [auth_openidc:debug] [pid 8243] src/util.c(2070): [client 192.168.99.80:34546] oidc_util_set_app_info: setting environment variable "OIDC_access_token: PAQABAAAAAAD--DLA3VO7QrddgJg7WevrvxMYRYea4NvL71DJazpKb4oI0fOjn1wQjT8GWJTdm6HdR_s5QqyyE6-1DRCD94c9dMjjJ4KqXTY4zWm7lTTDEBLsnlnQzZVYMPE_GU9H_zUvX-n-2xthimhhAKaAt2WpxMWLhffJfj4LdwaT4b4v1SsWasRItD8p-BVwZXHMoVqN3kpTRPtXGsTlxihhAMXGe8TvXcrehWsupZZ2M8Xivmjs_6s6GKEdQGhIAiDD6GcTUVUdeVLNJFU9vKPTBJu2GMSqNc0VqmxPTFnWltLu1Ml8uY0DFV8jXbkh9-XSjH8U0iqMJA5GIgtsVu3zZGtPmCwWXjXJInC1G07yS8E68F2WMbJX7rHGiDy1Z9ccqvaDcXcjOFHFIn0OzEL9Fb9EqoUEbL8GT5Kqk7JHKbcdDey2TuSc_1fFIQR8AB_ZkpWBZ8PR4NwY0d-zkxUumaMhQFfl5P4_w7t7BdgxgpDrqa0Vip6oT7qtW2_B1CC55WJIwT-X7tBIhloxKU3RnHqSxg21WT8SsYpBUqLZBGF2_rcfIRmZ-M4h43WEUlYRwkVXqFDKDpngsb7Kh1622U-ikvxm42ukq1U1eo-BTPmWWZD2Zka8ePlgJD_Fm8sShmYTJP0F-vsmN012AP7h90G5ddp6LEVcr9mcyeC1FVzsAM_DZL0McLu_XfyzZub25AZUEFSbQU0NSZ3g0Gk66GKJka3w6n3YDPB3JmX2OqyirTDC5UcTc71u1WBBBBx3Br_H5bDJpr-VsLtWuJbvWPRHIAA", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.094182 2023] [auth_openidc:debug] [pid 8243] src/mod_auth_openidc.c(828): [client 192.168.99.80:34546] oidc_log_session_expires: session inactivity timeout: Tue, 21 Feb 2023 13:11:58 GMT (in 298 secs from now), referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.094211 2023] [auth_openidc:debug] [pid 8243] src/util.c(2565): [client 192.168.99.80:34546] oidc_util_hdr_in_get: Cookie=mod_auth_openidc_session=PzRXM1MklOQyyikDCoYOGq0yCew, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.094461 2023] [auth_openidc:debug] [pid 8243] src/util.c(2565): [client 192.168.99.80:34546] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.094521 2023] [auth_openidc:debug] [pid 8243] src/util.c(2565): [client 192.168.99.80:34546] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.094550 2023] [auth_openidc:debug] [pid 8243] src/util.c(2565): [client 192.168.99.80:34546] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.094575 2023] [auth_openidc:debug] [pid 8243] src/util.c(2565): [client 192.168.99.80:34546] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.094601 2023] [auth_openidc:debug] [pid 8243] src/util.c(2565): [client 192.168.99.80:34546] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.094627 2023] [auth_openidc:debug] [pid 8243] src/util.c(2565): [client 192.168.99.80:34546] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.094653 2023] [auth_openidc:debug] [pid 8243] src/util.c(704): [client 192.168.99.80:34546] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:06:59.094710 2023] [auth_openidc:debug] [pid 8243] src/util.c(1443): [client 192.168.99.80:34546] oidc_util_request_matches_url: comparing "/testautidc/favicon.ico"=="/testautidc/redirect_uri", referer: https://testidcproxy.ofima.ch/testautidc/

zandbelt Feb 21, 2023
Maintainer

yes, authentication works now but apparently you're proxying the orignal URL you tried to access to something that does not exist on the origin server; the logs are cut off so I cannot see which URL that is (i.e. the last "incoming request")

sirpatrick2 Feb 21, 2023
Author

I found out a workaround!

Error 404 was because the last redirection requested URL was https://testidcproxy.ofima.ch/testautidc/ instead of the original proxied https://testidcproxy.ofima.ch/
So I wrote another separated ProxyPass to make that redirect work.

ProxyPass        "/testautidc" "https://lxinp.ofima.ch/testautidc/"
ProxyPassReverse "/testautidc" "https://lxinp.ofima.ch/testautidc/"

The whole looks now like that:

 ProxyPreserveHost On
 RequestHeader set X-Forwarded-Proto: "https"
 RequestHeader set X-Forwarded-Port: 443
 
 ProxyPass        "/testautidc/redirect_uri" "https://lxinp.ofima.ch/testautidc/redirect_uri"
 ProxyPassReverse "/testautidc/redirect_uri" "https://lxinp.ofima.ch/testautidc/redirect_uri"
 
 ProxyPass        "/testautidc" "https://lxinp.ofima.ch/testautidc/"
 ProxyPassReverse "/testautidc" "https://lxinp.ofima.ch/testautidc/"

 ProxyPass        "/" "https://lxinp.ofima.ch/testautidc/"
 ProxyPassReverse "/" "https://lxinp.ofima.ch/testautidc/"

Do you think it's a good solution like this?

BTW I enclose the error I had before, for completeness...
[Tue Feb 21 14:53:08.837582 2023] [auth_openidc:debug] [pid 8191] src/mod_auth_openidc.c(4048): [client 192.168.99.80:34760] oidc_check_user_id: incoming request: "/testautidc/?(null)", ap_is_initial_req(r)=1
[Tue Feb 21 14:53:08.838165 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 14:53:08.838344 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Port=443
[Tue Feb 21 14:53:08.838499 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Proto=https
[Tue Feb 21 14:53:08.838648 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Proto=https
[Tue Feb 21 14:53:08.838798 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 14:53:08.839011 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Port=443
[Tue Feb 21 14:53:08.839167 2023] [auth_openidc:debug] [pid 8191] src/util.c(704): [client 192.168.99.80:34760] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri
[Tue Feb 21 14:53:08.839318 2023] [auth_openidc:debug] [pid 8191] src/util.c(1281): [client 192.168.99.80:34760] oidc_util_get_cookie: returning "mod_auth_openidc_session" = <null>
[Tue Feb 21 14:53:08.839466 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 14:53:08.839611 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Port=443
[Tue Feb 21 14:53:08.839756 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Proto=https
[Tue Feb 21 14:53:08.839900 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Proto=https
[Tue Feb 21 14:53:08.840045 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 14:53:08.840208 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Port=443
[Tue Feb 21 14:53:08.840369 2023] [auth_openidc:debug] [pid 8191] src/util.c(704): [client 192.168.99.80:34760] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri
[Tue Feb 21 14:53:08.840520 2023] [auth_openidc:debug] [pid 8191] src/util.c(1443): [client 192.168.99.80:34760] oidc_util_request_matches_url: comparing "/testautidc/"=="/testautidc/redirect_uri"
[Tue Feb 21 14:53:08.840670 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: Sec-Fetch-Mode=navigate
[Tue Feb 21 14:53:08.840816 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: Sec-Fetch-Mode=navigate
[Tue Feb 21 14:53:08.840960 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: Sec-Fetch-Dest=document
[Tue Feb 21 14:53:08.841103 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: Sec-Fetch-Dest=document
[Tue Feb 21 14:53:08.841247 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: Accept=text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
[Tue Feb 21 14:53:08.841399 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 14:53:08.841546 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Port=443
[Tue Feb 21 14:53:08.841690 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Proto=https
[Tue Feb 21 14:53:08.841877 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Proto=https
[Tue Feb 21 14:53:08.842028 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 14:53:08.842175 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Port=443
[Tue Feb 21 14:53:08.842322 2023] [auth_openidc:debug] [pid 8191] src/util.c(685): [client 192.168.99.80:34760] oidc_get_current_url: current URL 'https://testidcproxy.ofima.ch:443/testautidc/'
[Tue Feb 21 14:53:08.842469 2023] [auth_openidc:debug] [pid 8191] src/mod_auth_openidc.c(2258): [client 192.168.99.80:34760] oidc_authenticate_user: enter
[Tue Feb 21 14:53:08.842678 2023] [auth_openidc:debug] [pid 8191] src/cache/common.c(272): [client 192.168.99.80:34760] oidc_cache_get: enter: https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/.well-known/openid-configuration (section=p, decrypt=0, type=shm)
[Tue Feb 21 14:53:08.842903 2023] [auth_openidc:debug] [pid 8191] src/cache/common.c(304): [client 192.168.99.80:34760] oidc_cache_get: cache hit: return 1736 bytes from shm cache backend for key https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/.well-known/openid-configuration
[Tue Feb 21 14:53:08.843297 2023] [auth_openidc:debug] [pid 8191] src/proto.c(69): [client 192.168.99.80:34760] oidc_proto_generate_random_bytes: apr_generate_random_bytes call for 32 bytes
[Tue Feb 21 14:53:08.843470 2023] [auth_openidc:debug] [pid 8191] src/proto.c(71): [client 192.168.99.80:34760] oidc_proto_generate_random_bytes: apr_generate_random_bytes returned
[Tue Feb 21 14:53:08.843630 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 14:53:08.843783 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Port=443
[Tue Feb 21 14:53:08.843929 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Proto=https
[Tue Feb 21 14:53:08.844075 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Proto=https
[Tue Feb 21 14:53:08.844221 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 14:53:08.844367 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Port=443
[Tue Feb 21 14:53:08.844514 2023] [auth_openidc:debug] [pid 8191] src/util.c(704): [client 192.168.99.80:34760] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri
[Tue Feb 21 14:53:08.844662 2023] [auth_openidc:debug] [pid 8191] src/util.c(1443): [client 192.168.99.80:34760] oidc_util_request_matches_url: comparing "/testautidc/"=="/testautidc/redirect_uri"
[Tue Feb 21 14:53:08.844818 2023] [auth_openidc:debug] [pid 8191] src/mod_auth_openidc.c(209): [client 192.168.99.80:34760] oidc_get_browser_state_hash: enter
[Tue Feb 21 14:53:08.844984 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-For=192.1.2.127
[Tue Feb 21 14:53:08.845198 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: User-Agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.50
[Tue Feb 21 14:53:08.845419 2023] [auth_openidc:debug] [pid 8191] src/util.c(2380): [client 192.168.99.80:34760] oidc_util_create_symmetric_key: key_len=32
[Tue Feb 21 14:53:08.845739 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Proto=https
[Tue Feb 21 14:53:08.845952 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Proto=https
[Tue Feb 21 14:53:08.846111 2023] [auth_openidc:debug] [pid 8191] src/util.c(1171): [client 192.168.99.80:34760] oidc_util_set_cookie_append_value: no cookie append environment variable OIDC_SET_COOKIE_APPEND found
[Tue Feb 21 14:53:08.846263 2023] [auth_openidc:debug] [pid 8191] src/util.c(2643): [client 192.168.99.80:34760] oidc_util_hdr_err_out_add: Set-Cookie: mod_auth_openidc_state_NUnKhitsZtkeyJ6kg0T696jQ7zs=eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..ypH9eZFV0dmx7c6u.17BWdEZubz0bGcPtesbitxGKCUivDpjzYqwvlrl5OysDAPYCoIsox7lj5wGZdmfNUs_BEQvpZdvPx_XB4swIfmPPVpbNYccTiWU-kAgTLoMzoremIOWPi4A5oJqrAjRwgbAP2xM_WNYbxfoZZJgc9-WBE_la_jGxSCwQD0RMC3wfk8UJAcluW4tB4IL6wVyHG85jIL3GtLh6VxhxANErVIk5fJ2rqUhZsK5LAxz3QymbMpUZTb2dTlU-s7-wEiq9s_97W4Fh7mbAyhNKdRqzrXwj3jSqtrkMdXs4aP96zSf4sP_YOHQkneyg4A2TTyRXwwFMsmOEoNYx3-16tYUimnrkwHB4_tuguUIdxzVhYgNhyxhfhHEynl-Hu_uSQL9_Bwp_tro_rpyAT88H_ZX77S0C3nlvJqIvQTAjpeJY_qrlaHs3_Sqs7cVETH206KI3PpgrPxFVdYvX6Rk.GeWJ5znbXBS7xUxvpjMsPQ; Path=/; Secure; HttpOnly; SameSite=None
[Tue Feb 21 14:53:08.846418 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 14:53:08.846567 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Port=443
[Tue Feb 21 14:53:08.846714 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Proto=https
[Tue Feb 21 14:53:08.846901 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Proto=https
[Tue Feb 21 14:53:08.847060 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 14:53:08.847207 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Port=443
[Tue Feb 21 14:53:08.847354 2023] [auth_openidc:debug] [pid 8191] src/util.c(704): [client 192.168.99.80:34760] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri
[Tue Feb 21 14:53:08.847503 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 14:53:08.847668 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Port=443
[Tue Feb 21 14:53:08.847875 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Proto=https
[Tue Feb 21 14:53:08.848088 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Proto=https
[Tue Feb 21 14:53:08.848129 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch
[Tue Feb 21 14:53:08.848156 2023] [auth_openidc:debug] [pid 8191] src/util.c(2565): [client 192.168.99.80:34760] oidc_util_hdr_in_get: X-Forwarded-Port=443
[Tue Feb 21 14:53:08.848218 2023] [auth_openidc:debug] [pid 8191] src/util.c(704): [client 192.168.99.80:34760] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri
[Tue Feb 21 14:53:08.848292 2023] [auth_openidc:debug] [pid 8191] src/proto.c(647): [client 192.168.99.80:34760] oidc_proto_authorization_request: enter, issuer=https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/, redirect_uri=https://testidcproxy.ofima.ch:443/testautidc/redirect_uri, state=NUnKhitsZtkeyJ6kg0T696jQ7zs, proto_state={"ou":"https://testidcproxy.ofima.ch:443/testautidc/","om":"get","i":"https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/","rt":"code","n":"eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4","t":1676987588}, code_challenge=(null), auth_request_params=(null), path_scope=(null)
[Tue Feb 21 14:53:08.848666 2023] [auth_openidc:debug] [pid 8191] src/util.c(787): [client 192.168.99.80:34760] oidc_util_http_add_form_url_encoded_param: processing: response_type=code
[Tue Feb 21 14:53:08.849233 2023] [auth_openidc:debug] [pid 8191] src/util.c(787): [client 192.168.99.80:34760] oidc_util_http_add_form_url_encoded_param: processing: scope=openid
[Tue Feb 21 14:53:08.849429 2023] [auth_openidc:debug] [pid 8191] src/util.c(787): [client 192.168.99.80:34760] oidc_util_http_add_form_url_encoded_param: processing: client_id=ca0ba4a4-f522-4891-aa55-34355ef7c175
[Tue Feb 21 14:53:08.849611 2023] [auth_openidc:debug] [pid 8191] src/util.c(787): [client 192.168.99.80:34760] oidc_util_http_add_form_url_encoded_param: processing: state=NUnKhitsZtkeyJ6kg0T696jQ7zs
[Tue Feb 21 14:53:08.849792 2023] [auth_openidc:debug] [pid 8191] src/util.c(787): [client 192.168.99.80:34760] oidc_util_http_add_form_url_encoded_param: processing: redirect_uri=https://testidcproxy.ofima.ch:443/testautidc/redirect_uri
[Tue Feb 21 14:53:08.850004 2023] [auth_openidc:debug] [pid 8191] src/util.c(787): [client 192.168.99.80:34760] oidc_util_http_add_form_url_encoded_param: processing: nonce=eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4
[Tue Feb 21 14:53:08.850197 2023] [auth_openidc:debug] [pid 8191] src/util.c(816): [client 192.168.99.80:34760] oidc_util_http_query_encoded_url: url=https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/oauth2/authorize?response_type=code&scope=openid&client_id=ca0ba4a4-f522-4891-aa55-34355ef7c175&state=NUnKhitsZtkeyJ6kg0T696jQ7zs&redirect_uri=https%3A%2F%2Ftestidcproxy.ofima.ch%3A443%2Ftestautidc%2Fredirect_uri&nonce=eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4
[Tue Feb 21 14:53:08.850356 2023] [auth_openidc:debug] [pid 8191] src/util.c(2621): [client 192.168.99.80:34760] oidc_util_hdr_table_set: Location: https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/oauth2/authorize?response_type=code&scope=openid&client_id=ca0ba4a4-f522-4891-aa55-34355ef7c175&state=NUnKhitsZtkeyJ6kg0T696jQ7zs&redirect_uri=https%3A%2F%2Ftestidcproxy.ofima.ch%3A443%2Ftestautidc%2Fredirect_uri&nonce=eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4
[Tue Feb 21 14:53:08.850509 2023] [auth_openidc:debug] [pid 8191] src/util.c(2643): [client 192.168.99.80:34760] oidc_util_hdr_err_out_add: Cache-Control: no-cache, no-store, max-age=0
[Tue Feb 21 14:53:08.850656 2023] [auth_openidc:debug] [pid 8191] src/proto.c(785): [client 192.168.99.80:34760] oidc_proto_authorization_request: return: 302
[Tue Feb 21 14:53:32.422552 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(4048): [client 192.168.99.80:34762] oidc_check_user_id: incoming request: "/testautidc/redirect_uri?code=0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPAAA.AgABAAIAAAD--DLA3VO7QrddgJg7WevrAgDs_wUA9P8DZJ9Y7lXAAyqMSCPURpNnISS2Z82b_XdR0tH91LOov9dqZDusXSQ7xeedJAIvreTZXan3xSaovKYIFySWWNwaCezU4hV_4RRd5derh4dfEpLojIBRYmCVzF4nwbmv18XeIN0RVPp2aKmXBsJiZpaL1JRQf8Jvz3ZzTBf0fklHmpzIUWuS6bpACCYtQVqF1wy8KQoZiukI_kPwVKvkfD-Ovs7UAoSGbK299SfCIBTELSbCpeR9FGCKV9Hn9_bX_PePfxu2Z9QQsYtoAGOXQT34_ygNlrxQUTQuswXHs4vKRWC0mMoGaPnSiCM7r68pvCyS9nBW9zXl706BzBoNyPeoCVuiv01syM9jsHv-Ug-Wcj8CfvpmF8OHbwSt2KrwGxsKXberR7BIf9PPaKWUAZ-IABDFpVWqm57IxZWNJN-PwQIJnAH8bR9f_8zSY3snsIAU9haLjxpzpd1gidUPkTsa2OYAiphuvYNgptwbqT0v65oQw42o09IZVuDA1nCLkeEIsmPUbr5G8yQ8wSGADdkvlxQ8kWyQKYIXYQAwB6GRxph6NxrBkQIdV_1YtOq1ywDiHa4YGDiq_VhezxTvUYVz3cyatHlfrrWHkA4SzjcNT25o3wbfNLn2diAVQUgeqUU2dB6DemH-YZSDQWfRacd1KlbtwkXI3bsoVmkDMaAP3fPP0CmTRpjmxio4cOOsZFFJA52kbSoX0Ga0VdxqrdWV_T85ayCr&state=NUnKhitsZtkeyJ6kg0T696jQ7zs&session_state=4b2f162d-90c5-4be8-bf94-6c51577c360c", ap_is_initial_req(r)=1, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.422827 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.423513 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.423687 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.423823 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.424256 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.424473 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.424644 2023] [auth_openidc:debug] [pid 8242] src/util.c(704): [client 192.168.99.80:34762] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.424809 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: Cookie=mod_auth_openidc_state_NUnKhitsZtkeyJ6kg0T696jQ7zs=eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..ypH9eZFV0dmx7c6u.17BWdEZubz0bGcPtesbitxGKCUivDpjzYqwvlrl5OysDAPYCoIsox7lj5wGZdmfNUs_BEQvpZdvPx_XB4swIfmPPVpbNYccTiWU-kAgTLoMzoremIOWPi4A5oJqrAjRwgbAP2xM_WNYbxfoZZJgc9-WBE_la_jGxSCwQD0RMC3wfk8UJAcluW4tB4IL6wVyHG85jIL3GtLh6VxhxANErVIk5fJ2rqUhZsK5LAxz3QymbMpUZTb2dTlU-s7-wEiq9s_97W4Fh7mbAyhNKdRqzrXwj3jSqtrkMdXs4aP96zSf4sP_YOHQkneyg4A2TTyRXwwFMsmOEoNYx3-16tYUimnrkwHB4_tuguUIdxzVhYgNhyxhfhHEynl-Hu_uSQL9_Bwp_tro_rpyAT88H_ZX77S0C3nlvJqIvQTAjpeJY_qrlaHs3_Sqs7cVETH206KI3PpgrPxFVdYvX6Rk.GeWJ5znbXBS7xUxvpjMsPQ, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.424980 2023] [auth_openidc:debug] [pid 8242] src/util.c(1281): [client 192.168.99.80:34762] oidc_util_get_cookie: returning "mod_auth_openidc_session" = <null>, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.425141 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.425299 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.425456 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.425627 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.425789 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.425948 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.426106 2023] [auth_openidc:debug] [pid 8242] src/util.c(704): [client 192.168.99.80:34762] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.426270 2023] [auth_openidc:debug] [pid 8242] src/util.c(1443): [client 192.168.99.80:34762] oidc_util_request_matches_url: comparing "/testautidc/redirect_uri"=="/testautidc/redirect_uri", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.426475 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(2083): [client 192.168.99.80:34762] oidc_handle_redirect_authorization_response: enter, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.426711 2023] [auth_openidc:debug] [pid 8242] src/util.c(1767): [client 192.168.99.80:34762] oidc_util_read_form_encoded_params: read: code=0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPAAA.AgABAAIAAAD--DLA3VO7QrddgJg7WevrAgDs_wUA9P8DZJ9Y7lXAAyqMSCPURpNnISS2Z82b_XdR0tH91LOov9dqZDusXSQ7xeedJAIvreTZXan3xSaovKYIFySWWNwaCezU4hV_4RRd5derh4dfEpLojIBRYmCVzF4nwbmv18XeIN0RVPp2aKmXBsJiZpaL1JRQf8Jvz3ZzTBf0fklHmpzIUWuS6bpACCYtQVqF1wy8KQoZiukI_kPwVKvkfD-Ovs7UAoSGbK299SfCIBTELSbCpeR9FGCKV9Hn9_bX_PePfxu2Z9QQsYtoAGOXQT34_ygNlrxQUTQuswXHs4vKRWC0mMoGaPnSiCM7r68pvCyS9nBW9zXl706BzBoNyPeoCVuiv01syM9jsHv-Ug-Wcj8CfvpmF8OHbwSt2KrwGxsKXberR7BIf9PPaKWUAZ-IABDFpVWqm57IxZWNJN-PwQIJnAH8bR9f_8zSY3snsIAU9haLjxpzpd1gidUPkTsa2OYAiphuvYNgptwbqT0v65oQw42o09IZVuDA1nCLkeEIsmPUbr5G8yQ8wSGADdkvlxQ8kWyQKYIXYQAwB6GRxph6NxrBkQIdV_1YtOq1ywDiHa4YGDiq_VhezxTvUYVz3cyatHlfrrWHkA4SzjcNT25o3wbfNLn2diAVQUgeqUU2dB6DemH-YZSDQWfRacd1KlbtwkXI3bsoVmkDMaAP3fPP0CmTRpjmxio4cOOsZFFJA52kbSoX0Ga0VdxqrdWV_T85ayCr, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.426930 2023] [auth_openidc:debug] [pid 8242] src/util.c(1767): [client 192.168.99.80:34762] oidc_util_read_form_encoded_params: read: state=NUnKhitsZtkeyJ6kg0T696jQ7zs, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.427121 2023] [auth_openidc:debug] [pid 8242] src/util.c(1767): [client 192.168.99.80:34762] oidc_util_read_form_encoded_params: read: session_state=4b2f162d-90c5-4be8-bf94-6c51577c360c, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.427282 2023] [auth_openidc:debug] [pid 8242] src/util.c(1772): [client 192.168.99.80:34762] oidc_util_read_form_encoded_params: parsed: 920 bytes into 3 elements, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.427440 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(1899): [client 192.168.99.80:34762] oidc_handle_authorization_response: enter, response_mode=query, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.427597 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(1523): [client 192.168.99.80:34762] oidc_authorization_response_match_state: enter (state=NUnKhitsZtkeyJ6kg0T696jQ7zs), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.427755 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(616): [client 192.168.99.80:34762] oidc_restore_proto_state: enter, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.427917 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: Cookie=mod_auth_openidc_state_NUnKhitsZtkeyJ6kg0T696jQ7zs=eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..ypH9eZFV0dmx7c6u.17BWdEZubz0bGcPtesbitxGKCUivDpjzYqwvlrl5OysDAPYCoIsox7lj5wGZdmfNUs_BEQvpZdvPx_XB4swIfmPPVpbNYccTiWU-kAgTLoMzoremIOWPi4A5oJqrAjRwgbAP2xM_WNYbxfoZZJgc9-WBE_la_jGxSCwQD0RMC3wfk8UJAcluW4tB4IL6wVyHG85jIL3GtLh6VxhxANErVIk5fJ2rqUhZsK5LAxz3QymbMpUZTb2dTlU-s7-wEiq9s_97W4Fh7mbAyhNKdRqzrXwj3jSqtrkMdXs4aP96zSf4sP_YOHQkneyg4A2TTyRXwwFMsmOEoNYx3-16tYUimnrkwHB4_tuguUIdxzVhYgNhyxhfhHEynl-Hu_uSQL9_Bwp_tro_rpyAT88H_ZX77S0C3nlvJqIvQTAjpeJY_qrlaHs3_Sqs7cVETH206KI3PpgrPxFVdYvX6Rk.GeWJ5znbXBS7xUxvpjMsPQ, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.428092 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: Cookie=mod_auth_openidc_state_NUnKhitsZtkeyJ6kg0T696jQ7zs=eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..ypH9eZFV0dmx7c6u.17BWdEZubz0bGcPtesbitxGKCUivDpjzYqwvlrl5OysDAPYCoIsox7lj5wGZdmfNUs_BEQvpZdvPx_XB4swIfmPPVpbNYccTiWU-kAgTLoMzoremIOWPi4A5oJqrAjRwgbAP2xM_WNYbxfoZZJgc9-WBE_la_jGxSCwQD0RMC3wfk8UJAcluW4tB4IL6wVyHG85jIL3GtLh6VxhxANErVIk5fJ2rqUhZsK5LAxz3QymbMpUZTb2dTlU-s7-wEiq9s_97W4Fh7mbAyhNKdRqzrXwj3jSqtrkMdXs4aP96zSf4sP_YOHQkneyg4A2TTyRXwwFMsmOEoNYx3-16tYUimnrkwHB4_tuguUIdxzVhYgNhyxhfhHEynl-Hu_uSQL9_Bwp_tro_rpyAT88H_ZX77S0C3nlvJqIvQTAjpeJY_qrlaHs3_Sqs7cVETH206KI3PpgrPxFVdYvX6Rk.GeWJ5znbXBS7xUxvpjMsPQ, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.428301 2023] [auth_openidc:debug] [pid 8242] src/util.c(1281): [client 192.168.99.80:34762] oidc_util_get_cookie: returning "mod_auth_openidc_state_NUnKhitsZtkeyJ6kg0T696jQ7zs" = "eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..ypH9eZFV0dmx7c6u.17BWdEZubz0bGcPtesbitxGKCUivDpjzYqwvlrl5OysDAPYCoIsox7lj5wGZdmfNUs_BEQvpZdvPx_XB4swIfmPPVpbNYccTiWU-kAgTLoMzoremIOWPi4A5oJqrAjRwgbAP2xM_WNYbxfoZZJgc9-WBE_la_jGxSCwQD0RMC3wfk8UJAcluW4tB4IL6wVyHG85jIL3GtLh6VxhxANErVIk5fJ2rqUhZsK5LAxz3QymbMpUZTb2dTlU-s7-wEiq9s_97W4Fh7mbAyhNKdRqzrXwj3jSqtrkMdXs4aP96zSf4sP_YOHQkneyg4A2TTyRXwwFMsmOEoNYx3-16tYUimnrkwHB4_tuguUIdxzVhYgNhyxhfhHEynl-Hu_uSQL9_Bwp_tro_rpyAT88H_ZX77S0C3nlvJqIvQTAjpeJY_qrlaHs3_Sqs7cVETH206KI3PpgrPxFVdYvX6Rk.GeWJ5znbXBS7xUxvpjMsPQ", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.428467 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.428634 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.428800 2023] [auth_openidc:debug] [pid 8242] src/util.c(1171): [client 192.168.99.80:34762] oidc_util_set_cookie_append_value: no cookie append environment variable OIDC_SET_COOKIE_APPEND found, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.428959 2023] [auth_openidc:debug] [pid 8242] src/util.c(2643): [client 192.168.99.80:34762] oidc_util_hdr_err_out_add: Set-Cookie: mod_auth_openidc_state_NUnKhitsZtkeyJ6kg0T696jQ7zs=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Secure; HttpOnly; SameSite=None, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.429140 2023] [auth_openidc:debug] [pid 8242] src/util.c(199): [client 192.168.99.80:34762] oidc_util_jwt_verify: enter: JWT header={"alg": "dir", "enc": "A256GCM"}, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.429320 2023] [auth_openidc:debug] [pid 8242] src/util.c(2380): [client 192.168.99.80:34762] oidc_util_create_symmetric_key: key_len=32, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.429608 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(209): [client 192.168.99.80:34762] oidc_get_browser_state_hash: enter, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.429782 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-For=192.1.2.127, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.429943 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: User-Agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.50, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.430133 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(671): [client 192.168.99.80:34762] oidc_restore_proto_state: restored state: {"ou":"https://testidcproxy.ofima.ch:443/testautidc/","om":"get","i":"https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/","rt":"code","n":"eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4","t":1676987588,"s":"NUnKhitsZtkeyJ6kg0T696jQ7zs"}, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.430303 2023] [auth_openidc:debug] [pid 8242] src/cache/common.c(272): [client 192.168.99.80:34762] oidc_cache_get: enter: https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/.well-known/openid-configuration (section=p, decrypt=0, type=shm), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.430479 2023] [auth_openidc:debug] [pid 8242] src/cache/common.c(304): [client 192.168.99.80:34762] oidc_cache_get: cache hit: return 1736 bytes from shm cache backend for key https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/.well-known/openid-configuration, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.430906 2023] [auth_openidc:debug] [pid 8242] src/proto.c(3043): [client 192.168.99.80:34762] oidc_proto_handle_authorization_response_code: enter, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.431082 2023] [auth_openidc:debug] [pid 8242] src/proto.c(2844): [client 192.168.99.80:34762] oidc_proto_validate_issuer_client_id: iss and/or client_id matched OK: (null), https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/, (null), ca0ba4a4-f522-4891-aa55-34355ef7c175, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.431247 2023] [auth_openidc:debug] [pid 8242] src/proto.c(2063): [client 192.168.99.80:34762] oidc_proto_resolve_code: enter, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.431407 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.431566 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.431726 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.431884 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.432043 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.432085 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.432113 2023] [auth_openidc:debug] [pid 8242] src/util.c(704): [client 192.168.99.80:34762] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.432141 2023] [auth_openidc:debug] [pid 8242] src/proto.c(1915): [client 192.168.99.80:34762] oidc_proto_token_endpoint_auth: token_endpoint_auth=client_secret_basic, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.432167 2023] [auth_openidc:debug] [pid 8242] src/proto.c(1736): [client 192.168.99.80:34762] oidc_proto_endpoint_client_secret_basic: enter, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.432240 2023] [auth_openidc:debug] [pid 8242] src/util.c(787): [client 192.168.99.80:34762] oidc_util_http_add_form_url_encoded_param: processing: grant_type=authorization_code, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.432296 2023] [auth_openidc:debug] [pid 8242] src/util.c(787): [client 192.168.99.80:34762] oidc_util_http_add_form_url_encoded_param: processing: code=0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPAAA.AgABAAIAAAD--DLA3VO7QrddgJg7WevrAgDs_wUA9P8DZJ9Y7lXAAyqMSCPURpNnISS2Z82b_XdR0tH91LOov9dqZDusXSQ7xeedJAIvreTZXan3xSaovKYIFySWWNwaCezU4hV_4RRd5derh4dfEpLojIBRYmCVzF4nwbmv18XeIN0RVPp2aKmXBsJiZpaL1JRQf8Jvz3ZzTBf0fklHmpzIUWuS6bpACCYtQVqF1wy8KQoZiukI_kPwVKvkfD-Ovs7UAoSGbK299SfCIBTELSbCpeR9FGCKV9Hn9_bX_PePfxu2Z9QQsYtoAGOXQT34_ygNlrxQUTQuswXHs4vKRWC0mMoGaPnSiCM7r68pvCyS9nBW9zXl706BzBoNyPeoCVuiv01syM9jsHv-Ug-Wcj8CfvpmF8OHbwSt2KrwGxsKXberR7BIf9PPaKWUAZ-IABDFpVWqm57IxZWNJN-PwQIJnAH8bR9f_8zSY3snsIAU9haLjxpzpd1gidUPkTsa2OYAiphuvYNgptwbqT0v65oQw42o09IZVuDA1nCLkeEIsmPUbr5G8yQ8wSGADdkvlxQ8kWyQKYIXYQAwB6GRxph6NxrBkQIdV_1YtOq1ywDiHa4YGDiq_VhezxTvUYVz3cyatHlfrrWHkA4SzjcNT25o3wbfNLn2diAVQUgeqUU2dB6DemH-YZSDQWfRacd1KlbtwkXI3bsoVmkDMaAP3fPP0CmTRpjmxio4cOOsZFFJA52kbSoX0Ga0VdxqrdWV_T85ayCr, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.432418 2023] [auth_openidc:debug] [pid 8242] src/util.c(787): [client 192.168.99.80:34762] oidc_util_http_add_form_url_encoded_param: processing: redirect_uri=https://testidcproxy.ofima.ch:443/testautidc/redirect_uri, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.432493 2023] [auth_openidc:debug] [pid 8242] src/util.c(833): [client 192.168.99.80:34762] oidc_util_http_form_encoded_data: data=grant_type=authorization_code&code=0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPAAA.AgABAAIAAAD--DLA3VO7QrddgJg7WevrAgDs_wUA9P8DZJ9Y7lXAAyqMSCPURpNnISS2Z82b_XdR0tH91LOov9dqZDusXSQ7xeedJAIvreTZXan3xSaovKYIFySWWNwaCezU4hV_4RRd5derh4dfEpLojIBRYmCVzF4nwbmv18XeIN0RVPp2aKmXBsJiZpaL1JRQf8Jvz3ZzTBf0fklHmpzIUWuS6bpACCYtQVqF1wy8KQoZiukI_kPwVKvkfD-Ovs7UAoSGbK299SfCIBTELSbCpeR9FGCKV9Hn9_bX_PePfxu2Z9QQsYtoAGOXQT34_ygNlrxQUTQuswXHs4vKRWC0mMoGaPnSiCM7r68pvCyS9nBW9zXl706BzBoNyPeoCVuiv01syM9jsHv-Ug-Wcj8CfvpmF8OHbwSt2KrwGxsKXberR7BIf9PPaKWUAZ-IABDFpVWqm57IxZWNJN-PwQIJnAH8bR9f_8zSY3snsIAU9haLjxpzpd1gidUPkTsa2OYAiphuvYNgptwbqT0v65oQw42o09IZVuDA1nCLkeEIsmPUbr5G8yQ8wSGADdkvlxQ8kWyQKYIXYQAwB6GRxph6NxrBkQIdV_1YtOq1ywDiHa4YGDiq_VhezxTvUYVz3cyatHlfrrWHkA4SzjcNT25o3wbfNLn2diAVQUgeqUU2dB6DemH-YZSDQWfRacd1KlbtwkXI3bsoVmkDMaAP3fPP0CmTRpjmxio4cOOsZFFJA52kbSoX0Ga0VdxqrdWV_T85ayCr&redirect_uri=https%3A%2F%2Ftestidcproxy.ofima.ch%3A443%2Ftestautidc%2Fredirect_uri, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.432535 2023] [auth_openidc:debug] [pid 8242] src/util.c(859): [client 192.168.99.80:34762] oidc_util_http_call: url=https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/oauth2/token, data=grant_type=authorization_code&code=0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPAAA.AgABAAIAAAD--DLA3VO7QrddgJg7WevrAgDs_wUA9P8DZJ9Y7lXAAyqMSCPURpNnISS2Z82b_XdR0tH91LOov9dqZDusXSQ7xeedJAIvreTZXan3xSaovKYIFySWWNwaCezU4hV_4RRd5derh4dfEpLojIBRYmCVzF4nwbmv18XeIN0RVPp2aKmXBsJiZpaL1JRQf8Jvz3ZzTBf0fklHmpzIUWuS6bpACCYtQVqF1wy8KQoZiukI_kPwVKvkfD-Ovs7UAoSGbK299SfCIBTELSbCpeR9FGCKV9Hn9_bX_PePfxu2Z9QQsYtoAGOXQT34_ygNlrxQUTQuswXHs4vKRWC0mMoGaPnSiCM7r68pvCyS9nBW9zXl706BzBoNyPeoCVuiv01syM9jsHv-Ug-Wcj8CfvpmF8OHbwSt2KrwGxsKXberR7BIf9PPaKWUAZ-IABDFpVWqm57IxZWNJN-PwQIJnAH8bR9f_8zSY3snsIAU9haLjxpzpd1gidUPkTsa2OYAiphuvYNgptwbqT0v65oQw42o09IZVuDA1nCLkeEIsmPUbr5G8yQ8wSGADdkvlxQ8kWyQKYIXYQAwB6GRxph6NxrBkQIdV_1YtOq1ywDiHa4YGDiq_VhezxTvUYVz3cyatHlfrrWHkA4SzjcNT25o3wbfNLn2diAVQUgeqUU2dB6DemH-YZSDQWfRacd1KlbtwkXI3bsoVmkDMaAP3fPP0CmTRpjmxio4cOOsZFFJA52kbSoX0Ga0VdxqrdWV_T85ayCr&redirect_uri=https%3A%2F%2Ftestidcproxy.ofima.ch%3A443%2Ftestautidc%2Fredirect_uri, content_type=application/x-www-form-urlencoded, basic_auth=****, bearer_token=(null), ssl_validate_server=1, timeout=60, outgoing_proxy=(null), pass_cookies=0, ssl_cert=(null), ssl_key=(null), ssl_key_pwd=(null), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.674117 2023] [auth_openidc:debug] [pid 8242] src/util.c(1052): [client 192.168.99.80:34762] oidc_util_http_call: HTTP response code=200, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.674229 2023] [auth_openidc:debug] [pid 8242] src/util.c(1057): [client 192.168.99.80:34762] oidc_util_http_call: response={"token_type":"Bearer","expires_in":"3599","ext_expires_in":"3599","expires_on":"1676991214","access_token":"PAQABAAAAAAD--DLA3VO7QrddgJg7Wevr3XNKx2JtZ_mcLHuaugubpjs5TVGAV902DlTR6cG_8U8DWQkbLlYCfnK-Lx765P8RfJ9jMGGKyHeCnYw-PEnFOWbkah4SIdQVeBiD5_Ey79YKm51Pnf8gc4RQbLNyy_65IPO1711mXxRE7k-KS5JFT6JJ5vHTDp8KMNYfd0VcaL0Ec8IxlQtWX7HUL1kRp8UkIVaMht2SjswUoXM3qhL4gYCRgH0JrZJJjvvUxEp7ul0_oRIAuNBqKUzIBwQCLd8kmUY5JYj0OtBOhReqsYiU4UOftQSa76FzxWbkkIw6EVBOksb43hfFe_UerDger3AB1XxBnRHMdd42ADIIHvc6Nud2nEcnMHYW2CCVuVP9S61SxdI_GwjLl0N_5sTUgqFKCudCVs6t8lfLh3ZbCHt1YzyAtn18Q91EJgnsNSOoxmMjSINRNY1jm4rNDBP5lnzPrrwAd01H3If9t39bF4NM6EpTJ5FncK2f2wvScnlimo3o-Qbu-TfsSgC2gP2UlNK5G-W2eVeujYcrchjKBIfBIhk10EzTPylYwTAXkNIaqcG6kbv7Rm8pwbCD9CSuBZhaKmbl1xbUP64agFW4VhBpvKRwZ7agEEjmaayviuNzUP-q692XYM_QDrRaGFJa3fZxN9O8EyuUO9Hfp2LrvdiJTWyC3eEwIY2ADaB4GIV7XcYTOavGDO0wvNlNLH7X9378A-6fb0cQemxq6o-3BMC2otaFrlnIRk6X46_ueCVZUPmMKahPL3Oiv-prV2gQyQAuIAA","refresh_token":"0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.AgABAAEAAAD--DLA3VO7QrddgJg7WevrAgDs_wUA9P-w3zAc5Jg5THGoEmpWT6rDs-ypojVdmeH_00tF9dUFbGZd9eyjapsAXugTrAvHCmtiUVQNK4QfAyygD79GlO1blCrj4-7jCfoySFN4jc2akJzu8XxzXyWj48M1vhFByUvmNeAQ_92jkRQnVpUtHYP_GtbZjFYhcdPaqqNu4o2QmgpzC1OoQG7bZOGIysqsLbZZoR8ZrL5NbafrGk6aDDij4EhsWz5NDAy2HMl8f7Us3HZkSGqlFLiS7P330S9wusj6ccwNLFertigWS2HM6yrDUErKBRkb7wDKHC35RlSgSs6b4UoP3AIogEqe9KFwOIc9SFTQywYUvhcduZIusX4qwby7R4JEFU9v5cUGkrJ4i0Se8IvUYjNaGNXpH6lmX4c2DbEc7NC8WEIXoiKJYgX5WuApMm0ZGgp8XBtcbbIJT13CTXu11Cibh22lyCeajLQrZZVqR6tpgT7oITCo05Ur6OtPGjOfOtuho5mXO4DrFS00PMcxp8jy6kltPQqUdGu4DYENLu5KgcpuYy61cOO7E9ua7HJRXIX9EsjpmywRY4xTL5KZKT0QCwjuQSn8LYMSILJOJVMDWxu8VheOF2EwHs82QBo4tZReNHxcQQwsbE2_RoBy7V2XErgPKya-Skzeie1sRcZDNf3jZhJWK7WjFE9KrQYplyRbQeVwOjFVtMg05p4EY2B-4wfkbWO4hZQCBz3Col06wPnqrF9pNXme-pgHgFKbTU7DBmqFP5JK-GhDvtqjaTJRUP8APBNS_5XuAlPkEfs5-bFl0CbdZUl1OodEgWvGg0I6OlOob-vleRcJ32xBaQvImbXi3H4Q_EJX","id_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyIsImtpZCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyJ9.eyJhdWQiOiJjYTBiYTRhNC1mNTIyLTQ4OTEtYWE1NS0zNDM1NWVmN2MxNzUiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC80OTA3ODc2NC0yYTI0LTRhZjAtOWQxNC0xMmVhYzg1MDI4MzYvIiwiaWF0IjoxNjc2OTg3MzE0LCJuYmYiOjE2NzY5ODczMTQsImV4cCI6MTY3Njk5MTIxNCwiYW1yIjpbInB3ZCIsIm1mYSJdLCJmYW1pbHlfbmFtZSI6IkludmVybml6emkiLCJnaXZlbl9uYW1lIjoiUGF0cmljayIsImlwYWRkciI6IjE5NS4xNDQuNDAuMTcwIiwibmFtZSI6IkludmVybml6emkgUGF0cmljayIsIm5vbmNlIjoiZUJXWjFQSnl5Z3pKQWFDMjgydDhZaDFFNGN0Umt3dEhueS03bGhmbHlONCIsIm9pZCI6IjhiNzVmMTYyLWIzMmUtNDZkZi04YmQ1LWM5Mjk5OTFhZjY5ZSIsIm9ucHJlbV9zaWQiOiJTLTEtNS0yMS02MDIxNjIzNTgtNzA2Njk5ODI2LTE0MTcwMDEzMzMtNDc0MCIsInJoIjoiMC5BVThBWkljSFNTUXE4RXFkRkJMcXlGQW9OcVNrQzhvaTlaRklxbFUwTlY3M3dYVlBBQkEuIiwic3ViIjoibkphRmh3WXhYTWNnM3VBY3hnTkJCOHVXTGhoN1NGWmtXSlhJcEJId0c0YyIsInRpZCI6IjQ5MDc4NzY0LTJhMjQtNGFmMC05ZDE0LTEyZWFjODUwMjgzNiIsInVuaXF1ZV9uYW1lIjoicGludmVybml6emlAb2ZpbWEuY2giLCJ1cG4iOiJwaW52ZXJuaXp6aUBvZmltYS5jaCIsInV0aSI6InNvSDBTTGxqbkV5VWxxX1kxX05IQUEiLCJ2ZXIiOiIxLjAifQ.M1JmnitRT9b3494-w3rKpQeoNFIgPm3RpAkMxslS1wlFt7utYvFxBygvDqbQSB55XIT6FDhISVAGG6NX_1GNZIlFhi8iL38-9YZNBYVA-7lpVb3zavhGmJdEA960uPqMOs-WwTJANYojJlCdR6C9UroN-dYXXCHDLZryvGNEXYLedK9jl9HEc9u0wtsECNE8q31ZOJrGhFYcRJt_t0nFXQxYwg7TH39o7rRGFg0jBMbz1CddcED1FkGqOT4gyEmHGE71WJsckJbouLuioNfs8rS3Nom1j97_04Vy3iPhCNwqcTQbGACr6NGfEE56qLCAkZiF_s4v0-GRI5oQt1iznQ"}, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.677076 2023] [auth_openidc:debug] [pid 8242] src/proto.c(2685): [client 192.168.99.80:34762] oidc_proto_validate_code_response: enter, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.677175 2023] [auth_openidc:debug] [pid 8242] src/proto.c(1628): [client 192.168.99.80:34762] oidc_proto_parse_idtoken: enter: id_token header={"typ":"JWT","alg":"RS256","x5t":"-KI3Q9nNR7bRofxmeZoXqbHZGew","kid":"-KI3Q9nNR7bRofxmeZoXqbHZGew"}, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.677230 2023] [auth_openidc:debug] [pid 8242] src/util.c(2380): [client 192.168.99.80:34762] oidc_util_create_symmetric_key: key_len=32, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.677412 2023] [auth_openidc:debug] [pid 8242] src/proto.c(1655): [client 192.168.99.80:34762] oidc_proto_parse_idtoken: successfully parsed (and possibly decrypted) JWT with header={"typ":"JWT","alg":"RS256","x5t":"-KI3Q9nNR7bRofxmeZoXqbHZGew","kid":"-KI3Q9nNR7bRofxmeZoXqbHZGew"}, and payload={"aud":"ca0ba4a4-f522-4891-aa55-34355ef7c175","iss":"https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/","iat":1676987314,"nbf":1676987314,"exp":1676991214,"amr":["pwd","mfa"],"family_name":"Invernizzi","given_name":"Patrick","ipaddr":"195.144.40.170","name":"Invernizzi Patrick","nonce":"eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4","oid":"8b75f162-b32e-46df-8bd5-c929991af69e","onprem_sid":"S-1-5-21-602162358-706699826-1417001333-4740","rh":"0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.","sub":"nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c","tid":"49078764-2a24-4af0-9d14-12eac8502836","unique_name":"[email protected]","upn":"[email protected]","uti":"soH0SLljnEyUlq_Y1_NHAA","ver":"1.0"}, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.677502 2023] [auth_openidc:debug] [pid 8242] src/util.c(2380): [client 192.168.99.80:34762] oidc_util_create_symmetric_key: key_len=40, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.677547 2023] [auth_openidc:debug] [pid 8242] src/metadata.c(655): [client 192.168.99.80:34762] oidc_metadata_jwks_get: enter, jwks_uri=https://login.windows.net/common/discovery/keys, refresh=0, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.677578 2023] [auth_openidc:debug] [pid 8242] src/cache/common.c(272): [client 192.168.99.80:34762] oidc_cache_get: enter: https://login.windows.net/common/discovery/keys (section=j, decrypt=0, type=shm), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.677656 2023] [auth_openidc:debug] [pid 8242] src/cache/common.c(304): [client 192.168.99.80:34762] oidc_cache_get: cache hit: return 12002 bytes from shm cache backend for key https://login.windows.net/common/discovery/keys, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.679161 2023] [auth_openidc:debug] [pid 8242] src/proto.c(1395): [client 192.168.99.80:34762] oidc_proto_get_key_from_jwks: search for kid "-KI3Q9nNR7bRofxmeZoXqbHZGew" or thumbprint x5t "-KI3Q9nNR7bRofxmeZoXqbHZGew", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.680147 2023] [auth_openidc:debug] [pid 8242] src/proto.c(1457): [client 192.168.99.80:34762] oidc_proto_get_key_from_jwks: found matching kid: "-KI3Q9nNR7bRofxmeZoXqbHZGew" for jwk: {"kty":"RSA","kid":"-KI3Q9nNR7bRofxmeZoXqbHZGew","e":"AQAB","n":"tJL6Wr2JUsxLyNezPQh1J6zn6wSoDAhgRYSDkaMuEHy75VikiB8wg25WuR96gdMpookdlRvh7SnRvtjQN9b5m4zJCMpSRcJ5DuXl4mcd7Cg3Zp1C5-JmMq8J7m7OS9HpUQbA1yhtCHqP7XA4UnQI28J-TnGiAa3viPLlq0663Cq6hQw7jYo5yNjdJcV5-FS-xNV7UHR4zAMRruMUHxte1IZJzbJmxjKoEjJwDTtcd6DkI3yrkmYt8GdQmu0YBHTJSZiz-M10CY3LbvLzf-tbBNKQ_gfnGGKF7MvRCmPA_YF_APynrIG7p4vPDRXhpG3_CIt317NyvGoIwiv0At83kQ"}, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.680222 2023] [auth_openidc:debug] [pid 8242] src/proto.c(1527): [client 192.168.99.80:34762] oidc_proto_get_keys_from_jwks_uri: returning 1 key(s) obtained from the (possibly cached) JWKs URI, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.680433 2023] [auth_openidc:debug] [pid 8242] src/proto.c(1584): [client 192.168.99.80:34762] oidc_proto_jwt_verify: JWT signature verification with algorithm "RS256" was successful, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.680485 2023] [auth_openidc:debug] [pid 8242] src/proto.c(1349): [client 192.168.99.80:34762] oidc_proto_validate_idtoken: enter, jwt.header="{"typ":"JWT","alg":"RS256","x5t":"-KI3Q9nNR7bRofxmeZoXqbHZGew","kid":"-KI3Q9nNR7bRofxmeZoXqbHZGew"}", jwt.payload="{"aud":"ca0ba4a4-f522-4891-aa55-34355ef7c175","iss":"https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/","iat":1676987314,"nbf":1676987314,"exp":1676991214,"amr":["pwd","mfa"],"family_name":"Invernizzi","given_name":"Patrick","ipaddr":"195.144.40.170","name":"Invernizzi Patrick","nonce":"eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4","oid":"8b75f162-b32e-46df-8bd5-c929991af69e","onprem_sid":"S-1-5-21-602162358-706699826-1417001333-4740","rh":"0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.","sub":"nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c","tid":"49078764-2a24-4af0-9d14-12eac8502836","unique_name":"[email protected]","upn":"[email protected]","uti":"soH0SLljnEyUlq_Y1_NHAA","ver":"1.0"}", nonce="eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.680523 2023] [auth_openidc:debug] [pid 8242] src/cache/common.c(272): [client 192.168.99.80:34762] oidc_cache_get: enter: eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4 (section=n, decrypt=0, type=shm), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.680885 2023] [auth_openidc:debug] [pid 8242] src/cache/common.c(306): [client 192.168.99.80:34762] oidc_cache_get: cache miss from shm cache backend for key eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.680977 2023] [auth_openidc:debug] [pid 8242] src/cache/common.c(329): [client 192.168.99.80:34762] oidc_cache_set: enter: eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4 (section=n, len=43, encrypt=0, ttl(s)=1210, type=shm), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.681040 2023] [auth_openidc:debug] [pid 8242] src/cache/common.c(355): [client 192.168.99.80:34762] oidc_cache_set: successfully stored 43 bytes in shm cache backend for key eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.681075 2023] [auth_openidc:debug] [pid 8242] src/proto.c(1145): [client 192.168.99.80:34762] oidc_proto_validate_nonce: nonce "eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4" validated successfully and is now cached for 1210 seconds, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.681107 2023] [auth_openidc:debug] [pid 8242] src/util.c(2869): [client 192.168.99.80:34762] oidc_util_json_validate_cnf: enter: policy=optional, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.681134 2023] [auth_openidc:debug] [pid 8242] src/util.c(2876): [client 192.168.99.80:34762] oidc_util_json_validate_cnf: no "cnf" claim found in the token, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.681167 2023] [auth_openidc:debug] [pid 8242] src/proto.c(1698): [client 192.168.99.80:34762] oidc_proto_parse_idtoken: valid id_token for user "nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c" expires: [Tue, 21 Feb 2023 14:53:34 GMT], in 3602 secs from now), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.681208 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(1107): [client 192.168.99.80:34762] oidc_retrieve_claims_from_userinfo_endpoint: enter, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.681239 2023] [auth_openidc:debug] [pid 8242] src/proto.c(2306): [client 192.168.99.80:34762] oidc_proto_resolve_userinfo: enter, endpoint=https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/openid/userinfo, access_token=PAQABAAAAAAD--DLA3VO7QrddgJg7Wevr3XNKx2JtZ_mcLHuaugubpjs5TVGAV902DlTR6cG_8U8DWQkbLlYCfnK-Lx765P8RfJ9jMGGKyHeCnYw-PEnFOWbkah4SIdQVeBiD5_Ey79YKm51Pnf8gc4RQbLNyy_65IPO1711mXxRE7k-KS5JFT6JJ5vHTDp8KMNYfd0VcaL0Ec8IxlQtWX7HUL1kRp8UkIVaMht2SjswUoXM3qhL4gYCRgH0JrZJJjvvUxEp7ul0_oRIAuNBqKUzIBwQCLd8kmUY5JYj0OtBOhReqsYiU4UOftQSa76FzxWbkkIw6EVBOksb43hfFe_UerDger3AB1XxBnRHMdd42ADIIHvc6Nud2nEcnMHYW2CCVuVP9S61SxdI_GwjLl0N_5sTUgqFKCudCVs6t8lfLh3ZbCHt1YzyAtn18Q91EJgnsNSOoxmMjSINRNY1jm4rNDBP5lnzPrrwAd01H3If9t39bF4NM6EpTJ5FncK2f2wvScnlimo3o-Qbu-TfsSgC2gP2UlNK5G-W2eVeujYcrchjKBIfBIhk10EzTPylYwTAXkNIaqcG6kbv7Rm8pwbCD9CSuBZhaKmbl1xbUP64agFW4VhBpvKRwZ7agEEjmaayviuNzUP-q692XYM_QDrRaGFJa3fZxN9O8EyuUO9Hfp2LrvdiJTWyC3eEwIY2ADaB4GIV7XcYTOavGDO0wvNlNLH7X9378A-6fb0cQemxq6o-3BMC2otaFrlnIRk6X46_ueCVZUPmMKahPL3Oiv-prV2gQyQAuIAA, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.681274 2023] [auth_openidc:debug] [pid 8242] src/util.c(816): [client 192.168.99.80:34762] oidc_util_http_query_encoded_url: url=https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/openid/userinfo, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.681307 2023] [auth_openidc:debug] [pid 8242] src/util.c(859): [client 192.168.99.80:34762] oidc_util_http_call: url=https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/openid/userinfo, data=(null), content_type=(null), basic_auth=null, bearer_token=PAQABAAAAAAD--DLA3VO7QrddgJg7Wevr3XNKx2JtZ_mcLHuaugubpjs5TVGAV902DlTR6cG_8U8DWQkbLlYCfnK-Lx765P8RfJ9jMGGKyHeCnYw-PEnFOWbkah4SIdQVeBiD5_Ey79YKm51Pnf8gc4RQbLNyy_65IPO1711mXxRE7k-KS5JFT6JJ5vHTDp8KMNYfd0VcaL0Ec8IxlQtWX7HUL1kRp8UkIVaMht2SjswUoXM3qhL4gYCRgH0JrZJJjvvUxEp7ul0_oRIAuNBqKUzIBwQCLd8kmUY5JYj0OtBOhReqsYiU4UOftQSa76FzxWbkkIw6EVBOksb43hfFe_UerDger3AB1XxBnRHMdd42ADIIHvc6Nud2nEcnMHYW2CCVuVP9S61SxdI_GwjLl0N_5sTUgqFKCudCVs6t8lfLh3ZbCHt1YzyAtn18Q91EJgnsNSOoxmMjSINRNY1jm4rNDBP5lnzPrrwAd01H3If9t39bF4NM6EpTJ5FncK2f2wvScnlimo3o-Qbu-TfsSgC2gP2UlNK5G-W2eVeujYcrchjKBIfBIhk10EzTPylYwTAXkNIaqcG6kbv7Rm8pwbCD9CSuBZhaKmbl1xbUP64agFW4VhBpvKRwZ7agEEjmaayviuNzUP-q692XYM_QDrRaGFJa3fZxN9O8EyuUO9Hfp2LrvdiJTWyC3eEwIY2ADaB4GIV7XcYTOavGDO0wvNlNLH7X9378A-6fb0cQemxq6o-3BMC2otaFrlnIRk6X46_ueCVZUPmMKahPL3Oiv-prV2gQyQAuIAA, ssl_validate_server=1, timeout=60, outgoing_proxy=(null), pass_cookies=0, ssl_cert=(null), ssl_key=(null), ssl_key_pwd=(null), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.930104 2023] [auth_openidc:debug] [pid 8242] src/util.c(1052): [client 192.168.99.80:34762] oidc_util_http_call: HTTP response code=200, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.930209 2023] [auth_openidc:debug] [pid 8242] src/util.c(1057): [client 192.168.99.80:34762] oidc_util_http_call: response={"amr":"[\\"pwd\\",\\"mfa\\"]","family_name":"Invernizzi","given_name":"Patrick","ipaddr":"195.144.40.170","name":"Invernizzi Patrick","oid":"8b75f162-b32e-46df-8bd5-c929991af69e","onprem_sid":"S-1-5-21-602162358-706699826-1417001333-4740","rh":"0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.","sub":"nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c","tid":"49078764-2a24-4af0-9d14-12eac8502836","unique_name":"[email protected]","upn":"[email protected]","uti":"kU04daPM4kCZcmg_EDIXAA","ver":"1.0"}, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.932039 2023] [auth_openidc:debug] [pid 8242] src/proto.c(2113): [client 192.168.99.80:34762] oidc_user_info_response_validate: enter: userinfo_signed_response_alg=(null), userinfo_encrypted_response_alg=(null), userinfo_encrypted_response_enc=(null), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.932109 2023] [auth_openidc:debug] [pid 8242] src/util.c(2380): [client 192.168.99.80:34762] oidc_util_create_symmetric_key: key_len=32, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.932207 2023] [auth_openidc:debug] [pid 8242] src/proto.c(2213): [client 192.168.99.80:34762] oidc_proto_resolve_composite_claims: enter, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.932240 2023] [auth_openidc:debug] [pid 8242] src/proto.c(2344): [client 192.168.99.80:34762] oidc_proto_resolve_userinfo: id_token_sub=nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c, user_info_sub=nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.932367 2023] [auth_openidc:debug] [pid 8242] src/util.c(2322): [client 192.168.99.80:34762] oidc_util_json_merge: src={"aud":"ca0ba4a4-f522-4891-aa55-34355ef7c175","iss":"https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/","iat":1676987314,"nbf":1676987314,"exp":1676991214,"amr":["pwd","mfa"],"family_name":"Invernizzi","given_name":"Patrick","ipaddr":"195.144.40.170","name":"Invernizzi Patrick","nonce":"eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4","oid":"8b75f162-b32e-46df-8bd5-c929991af69e","onprem_sid":"S-1-5-21-602162358-706699826-1417001333-4740","rh":"0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.","sub":"nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c","tid":"49078764-2a24-4af0-9d14-12eac8502836","unique_name":"[email protected]","upn":"[email protected]","uti":"soH0SLljnEyUlq_Y1_NHAA","ver":"1.0"}, dst={"amr":"[\\"pwd\\",\\"mfa\\"]","family_name":"Invernizzi","given_name":"Patrick","ipaddr":"195.144.40.170","name":"Invernizzi Patrick","oid":"8b75f162-b32e-46df-8bd5-c929991af69e","onprem_sid":"S-1-5-21-602162358-706699826-1417001333-4740","rh":"0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.","sub":"nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c","tid":"49078764-2a24-4af0-9d14-12eac8502836","unique_name":"[email protected]","upn":"[email protected]","uti":"kU04daPM4kCZcmg_EDIXAA","ver":"1.0"}, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.932448 2023] [auth_openidc:debug] [pid 8242] src/util.c(2333): [client 192.168.99.80:34762] oidc_util_json_merge: result dst={"amr":["pwd","mfa"],"family_name":"Invernizzi","given_name":"Patrick","ipaddr":"195.144.40.170","name":"Invernizzi Patrick","oid":"8b75f162-b32e-46df-8bd5-c929991af69e","onprem_sid":"S-1-5-21-602162358-706699826-1417001333-4740","rh":"0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.","sub":"nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c","tid":"49078764-2a24-4af0-9d14-12eac8502836","unique_name":"[email protected]","upn":"[email protected]","uti":"soH0SLljnEyUlq_Y1_NHAA","ver":"1.0","aud":"ca0ba4a4-f522-4891-aa55-34355ef7c175","iss":"https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/","iat":1676987314,"nbf":1676987314,"exp":1676991214,"nonce":"eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4"}, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.932545 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(1677): [client 192.168.99.80:34762] oidc_set_request_user: set remote_user to "[email protected]" based on claim: "upn", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.932677 2023] [auth_openidc:debug] [pid 8242] src/session.c(591): [client 192.168.99.80:34762] oidc_session_set_idtoken: storing id_token in the session, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.933225 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(1726): [client 192.168.99.80:34762] oidc_save_in_session: session management enabled: stored session_state (4b2f162d-90c5-4be8-bf94-6c51577c360c), check_session_iframe (https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/oauth2/checksession) and client_id (ca0ba4a4-f522-4891-aa55-34355ef7c175) in the session, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.933267 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(993): [client 192.168.99.80:34762] oidc_store_userinfo_claims: enter, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.933387 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(1765): [client 192.168.99.80:34762] oidc_save_in_session: provider->session_max_duration = 28800, session_expires=1677016412933384, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.933420 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(828): [client 192.168.99.80:34762] oidc_log_session_expires: session max lifetime: Tue, 21 Feb 2023 21:53:32 GMT (in 28799 secs from now), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.933449 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.933478 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(1776): [client 192.168.99.80:34762] oidc_save_in_session: provider->backchannel_logout_supported=0, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.933509 2023] [auth_openidc:debug] [pid 8242] src/proto.c(69): [client 192.168.99.80:34762] oidc_proto_generate_random_bytes: apr_generate_random_bytes call for 20 bytes, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.933543 2023] [auth_openidc:debug] [pid 8242] src/proto.c(71): [client 192.168.99.80:34762] oidc_proto_generate_random_bytes: apr_generate_random_bytes returned, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.933577 2023] [auth_openidc:debug] [pid 8242] src/cache/common.c(329): [client 192.168.99.80:34762] oidc_cache_set: enter: nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c@https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/ (section=d, len=27, encrypt=0, ttl(s)=299, type=shm), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.933621 2023] [auth_openidc:debug] [pid 8242] src/cache/common.c(355): [client 192.168.99.80:34762] oidc_cache_set: successfully stored 27 bytes in shm cache backend for key nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c@https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.933807 2023] [auth_openidc:debug] [pid 8242] src/cache/common.c(329): [client 192.168.99.80:34762] oidc_cache_set: enter: CsJHkBIg096tE1UhV0JKjJ5LAi0 (section=s, len=5033, encrypt=0, ttl(s)=299, type=shm), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.933938 2023] [auth_openidc:debug] [pid 8242] src/cache/common.c(355): [client 192.168.99.80:34762] oidc_cache_set: successfully stored 5033 bytes in shm cache backend for key CsJHkBIg096tE1UhV0JKjJ5LAi0, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.933979 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.934012 2023] [auth_openidc:debug] [pid 8242] src/util.c(2565): [client 192.168.99.80:34762] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.934042 2023] [auth_openidc:debug] [pid 8242] src/util.c(1171): [client 192.168.99.80:34762] oidc_util_set_cookie_append_value: no cookie append environment variable OIDC_SET_COOKIE_APPEND found, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.934069 2023] [auth_openidc:debug] [pid 8242] src/util.c(2643): [client 192.168.99.80:34762] oidc_util_hdr_err_out_add: Set-Cookie: mod_auth_openidc_session=CsJHkBIg096tE1UhV0JKjJ5LAi0; Path=/; Secure; HttpOnly; SameSite=None, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.934096 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(2003): [client 192.168.99.80:34762] oidc_handle_authorization_response: set remote_user to "[email protected]" in new session "CsJHkBIg096tE1UhV0JKjJ5LAi0", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.934141 2023] [auth_openidc:debug] [pid 8242] src/mod_auth_openidc.c(2024): [client 192.168.99.80:34762] oidc_handle_authorization_response: session created and stored, returning to original URL: https://testidcproxy.ofima.ch:443/testautidc/, original method: get, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.934169 2023] [auth_openidc:debug] [pid 8242] src/util.c(2621): [client 192.168.99.80:34762] oidc_util_hdr_table_set: Location: https://testidcproxy.ofima.ch:443/testautidc/, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.955583 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(4048): [client 192.168.99.80:34764] oidc_check_user_id: incoming request: "/testautidc/testautidc/?(null)", ap_is_initial_req(r)=1, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.955814 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.955977 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.956129 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.956280 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.956432 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.956582 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.956733 2023] [auth_openidc:debug] [pid 8244] src/util.c(704): [client 192.168.99.80:34764] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.956884 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: Cookie=mod_auth_openidc_session=CsJHkBIg096tE1UhV0JKjJ5LAi0, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.957081 2023] [auth_openidc:debug] [pid 8244] src/util.c(1281): [client 192.168.99.80:34764] oidc_util_get_cookie: returning "mod_auth_openidc_session" = "CsJHkBIg096tE1UhV0JKjJ5LAi0", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.957234 2023] [auth_openidc:debug] [pid 8244] src/cache/common.c(272): [client 192.168.99.80:34764] oidc_cache_get: enter: CsJHkBIg096tE1UhV0JKjJ5LAi0 (section=s, decrypt=0, type=shm), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.957395 2023] [auth_openidc:debug] [pid 8244] src/cache/common.c(304): [client 192.168.99.80:34764] oidc_cache_get: cache hit: return 5033 bytes from shm cache backend for key CsJHkBIg096tE1UhV0JKjJ5LAi0, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.957862 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.958031 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.958180 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.958327 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.958474 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.958623 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.958770 2023] [auth_openidc:debug] [pid 8244] src/util.c(704): [client 192.168.99.80:34764] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.958959 2023] [auth_openidc:debug] [pid 8244] src/util.c(1443): [client 192.168.99.80:34764] oidc_util_request_matches_url: comparing "/testautidc/testautidc/"=="/testautidc/redirect_uri", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.959113 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(1395): [client 192.168.99.80:34764] oidc_handle_existing_session: enter, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.959260 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(1399): [client 192.168.99.80:34764] oidc_handle_existing_session: set remote_user to "[email protected]" in existing session "CsJHkBIg096tE1UhV0JKjJ5LAi0", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.959408 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.959575 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(828): [client 192.168.99.80:34764] oidc_log_session_expires: session max lifetime: Tue, 21 Feb 2023 21:53:32 GMT (in 28799 secs from now), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.959730 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(1336): [client 192.168.99.80:34764] oidc_refresh_access_token_before_expiry: ttl_minimum=-1, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.959875 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(964): [client 192.168.99.80:34764] oidc_get_provider_from_session: enter, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.960067 2023] [auth_openidc:debug] [pid 8244] src/cache/common.c(272): [client 192.168.99.80:34764] oidc_cache_get: enter: https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/.well-known/openid-configuration (section=p, decrypt=0, type=shm), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.960232 2023] [auth_openidc:debug] [pid 8244] src/cache/common.c(304): [client 192.168.99.80:34764] oidc_cache_get: cache hit: return 1736 bytes from shm cache backend for key https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/.well-known/openid-configuration, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.960611 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(1206): [client 192.168.99.80:34764] oidc_refresh_claims_from_userinfo_endpoint: userinfo_endpoint=https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/openid/userinfo, interval=0, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.961194 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(1247): [client 192.168.99.80:34764] oidc_copy_tokens_to_request_state: id_token={"aud":"ca0ba4a4-f522-4891-aa55-34355ef7c175","iss":"https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/","iat":1676987314,"nbf":1676987314,"exp":1676991214,"amr":["pwd","mfa"],"family_name":"Invernizzi","given_name":"Patrick","ipaddr":"195.144.40.170","name":"Invernizzi Patrick","nonce":"eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4","oid":"8b75f162-b32e-46df-8bd5-c929991af69e","onprem_sid":"S-1-5-21-602162358-706699826-1417001333-4740","rh":"0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.","sub":"nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c","tid":"49078764-2a24-4af0-9d14-12eac8502836","unique_name":"[email protected]","upn":"[email protected]","uti":"soH0SLljnEyUlq_Y1_NHAA","ver":"1.0"} claims={"amr":"[\\"pwd\\",\\"mfa\\"]","family_name":"Invernizzi","given_name":"Patrick","ipaddr":"195.144.40.170","name":"Invernizzi Patrick","oid":"8b75f162-b32e-46df-8bd5-c929991af69e","onprem_sid":"S-1-5-21-602162358-706699826-1417001333-4740","rh":"0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.","sub":"nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c","tid":"49078764-2a24-4af0-9d14-12eac8502836","unique_name":"[email protected]","upn":"[email protected]","uti":"kU04daPM4kCZcmg_EDIXAA","ver":"1.0"}, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.961496 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_amr: ["pwd","mfa"], referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.961685 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_amr: ["pwd","mfa"]", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.961987 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_family_name: Invernizzi, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.962285 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_family_name: Invernizzi", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.962437 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_given_name: Patrick, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.962584 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_given_name: Patrick", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.962734 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_ipaddr: 195.144.40.170, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.962912 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_ipaddr: 195.144.40.170", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963110 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_name: Invernizzi Patrick, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963264 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_name: Invernizzi Patrick", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963413 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_oid: 8b75f162-b32e-46df-8bd5-c929991af69e, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963562 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_oid: 8b75f162-b32e-46df-8bd5-c929991af69e", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963619 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_onprem_sid: S-1-5-21-602162358-706699826-1417001333-4740, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963652 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_onprem_sid: S-1-5-21-602162358-706699826-1417001333-4740", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963679 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_rh: 0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA., referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963706 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_rh: 0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963732 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_sub: nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963758 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_sub: nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963785 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_tid: 49078764-2a24-4af0-9d14-12eac8502836, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963811 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_tid: 49078764-2a24-4af0-9d14-12eac8502836", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963838 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_unique_name: [email protected], referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963864 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_unique_name: [email protected]", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963890 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_upn: [email protected], referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963916 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_upn: [email protected]", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.963987 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_uti: kU04daPM4kCZcmg_EDIXAA, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964016 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_uti: kU04daPM4kCZcmg_EDIXAA", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964044 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_ver: 1.0, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964069 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_ver: 1.0", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964159 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_aud: ca0ba4a4-f522-4891-aa55-34355ef7c175, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964188 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_aud: ca0ba4a4-f522-4891-aa55-34355ef7c175", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964215 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_iss: https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964241 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_iss: https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964274 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_iat: 1676987314, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964301 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_iat: 1676987314", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964329 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_nbf: 1676987314, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964356 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_nbf: 1676987314", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964384 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_exp: 1676991214, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964410 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_exp: 1676991214", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964437 2023] [auth_openidc:debug] [pid 8244] src/util.c(2150): [client 192.168.99.80:34764] oidc_util_set_app_infos: parsing attribute array for key "amr" (#nr-of-elems: 2), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964465 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_amr: pwd,mfa, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964491 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_amr: pwd,mfa", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964547 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_family_name: Invernizzi, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964576 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_family_name: Invernizzi", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964604 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_given_name: Patrick, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964630 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_given_name: Patrick", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964657 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_ipaddr: 195.144.40.170, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964683 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_ipaddr: 195.144.40.170", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964710 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_name: Invernizzi Patrick, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964736 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_name: Invernizzi Patrick", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964763 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_nonce: eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964790 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_nonce: eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964817 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_oid: 8b75f162-b32e-46df-8bd5-c929991af69e, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964845 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_oid: 8b75f162-b32e-46df-8bd5-c929991af69e", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964872 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_onprem_sid: S-1-5-21-602162358-706699826-1417001333-4740, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964899 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_onprem_sid: S-1-5-21-602162358-706699826-1417001333-4740", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964926 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_rh: 0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA., referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964952 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_rh: 0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.964979 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_sub: nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965034 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_sub: nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965063 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_tid: 49078764-2a24-4af0-9d14-12eac8502836, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965089 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_tid: 49078764-2a24-4af0-9d14-12eac8502836", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965116 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_unique_name: [email protected], referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965142 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_unique_name: [email protected]", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965169 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_upn: [email protected], referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965195 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_upn: [email protected]", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965221 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_uti: soH0SLljnEyUlq_Y1_NHAA, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965247 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_uti: soH0SLljnEyUlq_Y1_NHAA", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965274 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_ver: 1.0, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965300 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_ver: 1.0", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965339 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_access_token: PAQABAAAAAAD--DLA3VO7QrddgJg7Wevr3XNKx2JtZ_mcLHuaugubpjs5TVGAV902DlTR6cG_8U8DWQkbLlYCfnK-Lx765P8RfJ9jMGGKyHeCnYw-PEnFOWbkah4SIdQVeBiD5_Ey79YKm51Pnf8gc4RQbLNyy_65IPO1711mXxRE7k-KS5JFT6JJ5vHTDp8KMNYfd0VcaL0Ec8IxlQtWX7HUL1kRp8UkIVaMht2SjswUoXM3qhL4gYCRgH0JrZJJjvvUxEp7ul0_oRIAuNBqKUzIBwQCLd8kmUY5JYj0OtBOhReqsYiU4UOftQSa76FzxWbkkIw6EVBOksb43hfFe_UerDger3AB1XxBnRHMdd42ADIIHvc6Nud2nEcnMHYW2CCVuVP9S61SxdI_GwjLl0N_5sTUgqFKCudCVs6t8lfLh3ZbCHt1YzyAtn18Q91EJgnsNSOoxmMjSINRNY1jm4rNDBP5lnzPrrwAd01H3If9t39bF4NM6EpTJ5FncK2f2wvScnlimo3o-Qbu-TfsSgC2gP2UlNK5G-W2eVeujYcrchjKBIfBIhk10EzTPylYwTAXkNIaqcG6kbv7Rm8pwbCD9CSuBZhaKmbl1xbUP64agFW4VhBpvKRwZ7agEEjmaayviuNzUP-q692XYM_QDrRaGFJa3fZxN9O8EyuUO9Hfp2LrvdiJTWyC3eEwIY2ADaB4GIV7XcYTOavGDO0wvNlNLH7X9378A-6fb0cQemxq6o-3BMC2otaFrlnIRk6X46_ueCVZUPmMKahPL3Oiv-prV2gQyQAuIAA, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965376 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_access_token: PAQABAAAAAAD--DLA3VO7QrddgJg7Wevr3XNKx2JtZ_mcLHuaugubpjs5TVGAV902DlTR6cG_8U8DWQkbLlYCfnK-Lx765P8RfJ9jMGGKyHeCnYw-PEnFOWbkah4SIdQVeBiD5_Ey79YKm51Pnf8gc4RQbLNyy_65IPO1711mXxRE7k-KS5JFT6JJ5vHTDp8KMNYfd0VcaL0Ec8IxlQtWX7HUL1kRp8UkIVaMht2SjswUoXM3qhL4gYCRgH0JrZJJjvvUxEp7ul0_oRIAuNBqKUzIBwQCLd8kmUY5JYj0OtBOhReqsYiU4UOftQSa76FzxWbkkIw6EVBOksb43hfFe_UerDger3AB1XxBnRHMdd42ADIIHvc6Nud2nEcnMHYW2CCVuVP9S61SxdI_GwjLl0N_5sTUgqFKCudCVs6t8lfLh3ZbCHt1YzyAtn18Q91EJgnsNSOoxmMjSINRNY1jm4rNDBP5lnzPrrwAd01H3If9t39bF4NM6EpTJ5FncK2f2wvScnlimo3o-Qbu-TfsSgC2gP2UlNK5G-W2eVeujYcrchjKBIfBIhk10EzTPylYwTAXkNIaqcG6kbv7Rm8pwbCD9CSuBZhaKmbl1xbUP64agFW4VhBpvKRwZ7agEEjmaayviuNzUP-q692XYM_QDrRaGFJa3fZxN9O8EyuUO9Hfp2LrvdiJTWyC3eEwIY2ADaB4GIV7XcYTOavGDO0wvNlNLH7X9378A-6fb0cQemxq6o-3BMC2otaFrlnIRk6X46_ueCVZUPmMKahPL3Oiv-prV2gQyQAuIAA", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965442 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(828): [client 192.168.99.80:34764] oidc_log_session_expires: session inactivity timeout: Tue, 21 Feb 2023 13:58:32 GMT (in 299 secs from now), referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965479 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: Cookie=mod_auth_openidc_session=CsJHkBIg096tE1UhV0JKjJ5LAi0, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965774 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965816 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965842 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965867 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965894 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965919 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965945 2023] [auth_openidc:debug] [pid 8244] src/util.c(704): [client 192.168.99.80:34764] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri, referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:32.965974 2023] [auth_openidc:debug] [pid 8244] src/util.c(1443): [client 192.168.99.80:34764] oidc_util_request_matches_url: comparing "/testautidc/testautidc/"=="/testautidc/redirect_uri", referer: https://login.microsoftonline.com/
[Tue Feb 21 14:53:33.033679 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(4048): [client 192.168.99.80:34764] oidc_check_user_id: incoming request: "/testautidc/favicon.ico?(null)", ap_is_initial_req(r)=1, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.033746 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.033777 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.033803 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.033828 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.033897 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.033927 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.033953 2023] [auth_openidc:debug] [pid 8244] src/util.c(704): [client 192.168.99.80:34764] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.033980 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: Cookie=mod_auth_openidc_session=CsJHkBIg096tE1UhV0JKjJ5LAi0, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034008 2023] [auth_openidc:debug] [pid 8244] src/util.c(1281): [client 192.168.99.80:34764] oidc_util_get_cookie: returning "mod_auth_openidc_session" = "CsJHkBIg096tE1UhV0JKjJ5LAi0", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034034 2023] [auth_openidc:debug] [pid 8244] src/cache/common.c(272): [client 192.168.99.80:34764] oidc_cache_get: enter: CsJHkBIg096tE1UhV0JKjJ5LAi0 (section=s, decrypt=0, type=shm), referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034069 2023] [auth_openidc:debug] [pid 8244] src/cache/common.c(304): [client 192.168.99.80:34764] oidc_cache_get: cache hit: return 5033 bytes from shm cache backend for key CsJHkBIg096tE1UhV0JKjJ5LAi0, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034371 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034401 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034427 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034452 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034478 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034503 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034529 2023] [auth_openidc:debug] [pid 8244] src/util.c(704): [client 192.168.99.80:34764] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034557 2023] [auth_openidc:debug] [pid 8244] src/util.c(1443): [client 192.168.99.80:34764] oidc_util_request_matches_url: comparing "/testautidc/favicon.ico"=="/testautidc/redirect_uri", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034583 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(1395): [client 192.168.99.80:34764] oidc_handle_existing_session: enter, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034609 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(1399): [client 192.168.99.80:34764] oidc_handle_existing_session: set remote_user to "[email protected]" in existing session "CsJHkBIg096tE1UhV0JKjJ5LAi0", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034669 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034715 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(828): [client 192.168.99.80:34764] oidc_log_session_expires: session max lifetime: Tue, 21 Feb 2023 21:53:32 GMT (in 28798 secs from now), referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034743 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(1336): [client 192.168.99.80:34764] oidc_refresh_access_token_before_expiry: ttl_minimum=-1, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034768 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(964): [client 192.168.99.80:34764] oidc_get_provider_from_session: enter, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034796 2023] [auth_openidc:debug] [pid 8244] src/cache/common.c(272): [client 192.168.99.80:34764] oidc_cache_get: enter: https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/.well-known/openid-configuration (section=p, decrypt=0, type=shm), referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.034830 2023] [auth_openidc:debug] [pid 8244] src/cache/common.c(304): [client 192.168.99.80:34764] oidc_cache_get: cache hit: return 1736 bytes from shm cache backend for key https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/.well-known/openid-configuration, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035088 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(1206): [client 192.168.99.80:34764] oidc_refresh_claims_from_userinfo_endpoint: userinfo_endpoint=https://login.windows.net/49078764-2a24-4af0-9d14-12eac8502836/openid/userinfo, interval=0, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035141 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(1247): [client 192.168.99.80:34764] oidc_copy_tokens_to_request_state: id_token={"aud":"ca0ba4a4-f522-4891-aa55-34355ef7c175","iss":"https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/","iat":1676987314,"nbf":1676987314,"exp":1676991214,"amr":["pwd","mfa"],"family_name":"Invernizzi","given_name":"Patrick","ipaddr":"195.144.40.170","name":"Invernizzi Patrick","nonce":"eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4","oid":"8b75f162-b32e-46df-8bd5-c929991af69e","onprem_sid":"S-1-5-21-602162358-706699826-1417001333-4740","rh":"0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.","sub":"nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c","tid":"49078764-2a24-4af0-9d14-12eac8502836","unique_name":"[email protected]","upn":"[email protected]","uti":"soH0SLljnEyUlq_Y1_NHAA","ver":"1.0"} claims={"amr":"[\\"pwd\\",\\"mfa\\"]","family_name":"Invernizzi","given_name":"Patrick","ipaddr":"195.144.40.170","name":"Invernizzi Patrick","oid":"8b75f162-b32e-46df-8bd5-c929991af69e","onprem_sid":"S-1-5-21-602162358-706699826-1417001333-4740","rh":"0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.","sub":"nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c","tid":"49078764-2a24-4af0-9d14-12eac8502836","unique_name":"[email protected]","upn":"[email protected]","uti":"kU04daPM4kCZcmg_EDIXAA","ver":"1.0"}, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035224 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_amr: ["pwd","mfa"], referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035254 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_amr: ["pwd","mfa"]", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035281 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_family_name: Invernizzi, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035340 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_family_name: Invernizzi", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035370 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_given_name: Patrick, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035396 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_given_name: Patrick", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035422 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_ipaddr: 195.144.40.170, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035447 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_ipaddr: 195.144.40.170", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035474 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_name: Invernizzi Patrick, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035499 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_name: Invernizzi Patrick", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035526 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_oid: 8b75f162-b32e-46df-8bd5-c929991af69e, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035553 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_oid: 8b75f162-b32e-46df-8bd5-c929991af69e", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035579 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_onprem_sid: S-1-5-21-602162358-706699826-1417001333-4740, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035626 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_onprem_sid: S-1-5-21-602162358-706699826-1417001333-4740", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035656 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_rh: 0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA., referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035682 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_rh: 0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035709 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_sub: nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035735 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_sub: nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035762 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_tid: 49078764-2a24-4af0-9d14-12eac8502836, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035817 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_tid: 49078764-2a24-4af0-9d14-12eac8502836", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035847 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_unique_name: [email protected], referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035874 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_unique_name: [email protected]", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035900 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_upn: [email protected], referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035926 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_upn: [email protected]", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035953 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_uti: kU04daPM4kCZcmg_EDIXAA, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.035978 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_uti: kU04daPM4kCZcmg_EDIXAA", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036005 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_ver: 1.0, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036031 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_ver: 1.0", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036115 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_aud: ca0ba4a4-f522-4891-aa55-34355ef7c175, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036153 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_aud: ca0ba4a4-f522-4891-aa55-34355ef7c175", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036181 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_iss: https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036208 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_iss: https://sts.windows.net/49078764-2a24-4af0-9d14-12eac8502836/", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036238 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_iat: 1676987314, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036265 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_iat: 1676987314", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036293 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_nbf: 1676987314, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036319 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_nbf: 1676987314", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036376 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_exp: 1676991214, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036405 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_exp: 1676991214", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036432 2023] [auth_openidc:debug] [pid 8244] src/util.c(2150): [client 192.168.99.80:34764] oidc_util_set_app_infos: parsing attribute array for key "amr" (#nr-of-elems: 2), referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036460 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_amr: pwd,mfa, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036486 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_amr: pwd,mfa", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036512 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_family_name: Invernizzi, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036538 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_family_name: Invernizzi", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036564 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_given_name: Patrick, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036590 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_given_name: Patrick", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036617 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_ipaddr: 195.144.40.170, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036642 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_ipaddr: 195.144.40.170", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036668 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_name: Invernizzi Patrick, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036695 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_name: Invernizzi Patrick", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036721 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_nonce: eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036748 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_nonce: eBWZ1PJyygzJAaC282t8Yh1E4ctRkwtHny-7lhflyN4", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036775 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_oid: 8b75f162-b32e-46df-8bd5-c929991af69e, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036801 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_oid: 8b75f162-b32e-46df-8bd5-c929991af69e", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036859 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_onprem_sid: S-1-5-21-602162358-706699826-1417001333-4740, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036888 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_onprem_sid: S-1-5-21-602162358-706699826-1417001333-4740", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036916 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_rh: 0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA., referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.036999 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_rh: 0.AU8AZIcHSSQq8EqdFBLqyFAoNqSkC8oi9ZFIqlU0NV73wXVPABA.", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037035 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_sub: nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037062 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_sub: nJaFhwYxXMcg3uAcxgNBB8uWLhh7SFZkWJXIpBHwG4c", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037090 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_tid: 49078764-2a24-4af0-9d14-12eac8502836, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037116 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_tid: 49078764-2a24-4af0-9d14-12eac8502836", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037143 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_unique_name: [email protected], referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037169 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_unique_name: [email protected]", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037196 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_upn: [email protected], referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037222 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_upn: [email protected]", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037249 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_uti: soH0SLljnEyUlq_Y1_NHAA, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037275 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_uti: soH0SLljnEyUlq_Y1_NHAA", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037302 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_CLAIM_ver: 1.0, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037328 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_ver: 1.0", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037399 2023] [auth_openidc:debug] [pid 8244] src/util.c(2621): [client 192.168.99.80:34764] oidc_util_hdr_table_set: OIDC_access_token: PAQABAAAAAAD--DLA3VO7QrddgJg7Wevr3XNKx2JtZ_mcLHuaugubpjs5TVGAV902DlTR6cG_8U8DWQkbLlYCfnK-Lx765P8RfJ9jMGGKyHeCnYw-PEnFOWbkah4SIdQVeBiD5_Ey79YKm51Pnf8gc4RQbLNyy_65IPO1711mXxRE7k-KS5JFT6JJ5vHTDp8KMNYfd0VcaL0Ec8IxlQtWX7HUL1kRp8UkIVaMht2SjswUoXM3qhL4gYCRgH0JrZJJjvvUxEp7ul0_oRIAuNBqKUzIBwQCLd8kmUY5JYj0OtBOhReqsYiU4UOftQSa76FzxWbkkIw6EVBOksb43hfFe_UerDger3AB1XxBnRHMdd42ADIIHvc6Nud2nEcnMHYW2CCVuVP9S61SxdI_GwjLl0N_5sTUgqFKCudCVs6t8lfLh3ZbCHt1YzyAtn18Q91EJgnsNSOoxmMjSINRNY1jm4rNDBP5lnzPrrwAd01H3If9t39bF4NM6EpTJ5FncK2f2wvScnlimo3o-Qbu-TfsSgC2gP2UlNK5G-W2eVeujYcrchjKBIfBIhk10EzTPylYwTAXkNIaqcG6kbv7Rm8pwbCD9CSuBZhaKmbl1xbUP64agFW4VhBpvKRwZ7agEEjmaayviuNzUP-q692XYM_QDrRaGFJa3fZxN9O8EyuUO9Hfp2LrvdiJTWyC3eEwIY2ADaB4GIV7XcYTOavGDO0wvNlNLH7X9378A-6fb0cQemxq6o-3BMC2otaFrlnIRk6X46_ueCVZUPmMKahPL3Oiv-prV2gQyQAuIAA, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037440 2023] [auth_openidc:debug] [pid 8244] src/util.c(2070): [client 192.168.99.80:34764] oidc_util_set_app_info: setting environment variable "OIDC_access_token: PAQABAAAAAAD--DLA3VO7QrddgJg7Wevr3XNKx2JtZ_mcLHuaugubpjs5TVGAV902DlTR6cG_8U8DWQkbLlYCfnK-Lx765P8RfJ9jMGGKyHeCnYw-PEnFOWbkah4SIdQVeBiD5_Ey79YKm51Pnf8gc4RQbLNyy_65IPO1711mXxRE7k-KS5JFT6JJ5vHTDp8KMNYfd0VcaL0Ec8IxlQtWX7HUL1kRp8UkIVaMht2SjswUoXM3qhL4gYCRgH0JrZJJjvvUxEp7ul0_oRIAuNBqKUzIBwQCLd8kmUY5JYj0OtBOhReqsYiU4UOftQSa76FzxWbkkIw6EVBOksb43hfFe_UerDger3AB1XxBnRHMdd42ADIIHvc6Nud2nEcnMHYW2CCVuVP9S61SxdI_GwjLl0N_5sTUgqFKCudCVs6t8lfLh3ZbCHt1YzyAtn18Q91EJgnsNSOoxmMjSINRNY1jm4rNDBP5lnzPrrwAd01H3If9t39bF4NM6EpTJ5FncK2f2wvScnlimo3o-Qbu-TfsSgC2gP2UlNK5G-W2eVeujYcrchjKBIfBIhk10EzTPylYwTAXkNIaqcG6kbv7Rm8pwbCD9CSuBZhaKmbl1xbUP64agFW4VhBpvKRwZ7agEEjmaayviuNzUP-q692XYM_QDrRaGFJa3fZxN9O8EyuUO9Hfp2LrvdiJTWyC3eEwIY2ADaB4GIV7XcYTOavGDO0wvNlNLH7X9378A-6fb0cQemxq6o-3BMC2otaFrlnIRk6X46_ueCVZUPmMKahPL3Oiv-prV2gQyQAuIAA", referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037475 2023] [auth_openidc:debug] [pid 8244] src/mod_auth_openidc.c(828): [client 192.168.99.80:34764] oidc_log_session_expires: session inactivity timeout: Tue, 21 Feb 2023 13:58:32 GMT (in 298 secs from now), referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037508 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: Cookie=mod_auth_openidc_session=CsJHkBIg096tE1UhV0JKjJ5LAi0, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037760 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037826 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037855 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037881 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Proto=https, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037907 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Host=testidcproxy.ofima.ch, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037933 2023] [auth_openidc:debug] [pid 8244] src/util.c(2565): [client 192.168.99.80:34764] oidc_util_hdr_in_get: X-Forwarded-Port=443, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.037959 2023] [auth_openidc:debug] [pid 8244] src/util.c(704): [client 192.168.99.80:34764] oidc_get_redirect_uri: determined absolute redirect uri: https://testidcproxy.ofima.ch:443/testautidc/redirect_uri, referer: https://testidcproxy.ofima.ch/testautidc/
[Tue Feb 21 14:53:33.038020 2023] [auth_openidc:debug] [pid 8244] src/util.c(1443): [client 192.168.99.80:34764] oidc_util_request_matches_url: comparing "/testautidc/favicon.ico"=="/testautidc/redirect_uri", referer: https://testidcproxy.ofima.ch/testautidc/

sirpatrick2 Feb 22, 2023
Author

Thanks a lot for you precious help, zandbelt.
Finally I managed to get it working with this configuration of the Proxy.

<VirtualHost *:443>
 ServerName testidcproxy.ofima.ch:443

 ProxyPreserveHost On

 ProxyPass        "/testautidc" "https://lxinp.ofima.ch/testautidc/"
 ProxyPassReverse "/testautidc" "https://lxinp.ofima.ch/testautidc/"

 ProxyPass        "/" "https://lxinp.ofima.ch/testautidc/"
 ProxyPassReverse "/" "https://lxinp.ofima.ch/testautidc/"
 
 SSLEngine On
 SSLCertificateFile /etc/apache2/ssl.crt/star_ofima_ch.crt
 SSLCertificateKeyFile /etc/apache2/ssl.key/star_ofima_ch.key
 SSLCertificateChainFile /etc/apache2/ssl.crt/SectigoRSAOVBundle.pem

 SSLProxyEngine on
</VirtualHost>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

mod_auth_openidc through apache Reverse Proxy, error #1012

{{title}}

Replies: 6 comments 21 replies

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

{{title}}

{{title}}

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Select a reply

mod_auth_openidc through apache Reverse Proxy, error #1012

sirpatrick2 Feb 9, 2023

Replies: 6 comments · 21 replies

zandbelt Feb 9, 2023 Maintainer

sirpatrick2 Feb 9, 2023 Author

sirpatrick2 Feb 20, 2023 Author

zandbelt Feb 20, 2023 Maintainer

sirpatrick2 Feb 20, 2023 Author

zandbelt Feb 20, 2023 Maintainer

sirpatrick2 Feb 20, 2023 Author

zandbelt Feb 20, 2023 Maintainer

sirpatrick2 Feb 20, 2023 Author

zandbelt Feb 20, 2023 Maintainer

sirpatrick2 Feb 21, 2023 Author

zandbelt Feb 21, 2023 Maintainer

sirpatrick2 Feb 21, 2023 Author

zandbelt Feb 21, 2023 Maintainer

sirpatrick2 Feb 21, 2023 Author

zandbelt Feb 21, 2023 Maintainer

sirpatrick2 Feb 21, 2023 Author

sirpatrick2 Feb 22, 2023 Author

sirpatrick2
Feb 9, 2023

Replies: 6 comments 21 replies

zandbelt
Feb 9, 2023
Maintainer

sirpatrick2
Feb 9, 2023
Author

sirpatrick2 Feb 20, 2023
Author

zandbelt Feb 20, 2023
Maintainer

sirpatrick2 Feb 20, 2023
Author

zandbelt Feb 20, 2023
Maintainer

sirpatrick2 Feb 20, 2023
Author

zandbelt
Feb 20, 2023
Maintainer

sirpatrick2
Feb 20, 2023
Author

zandbelt Feb 20, 2023
Maintainer

sirpatrick2
Feb 21, 2023
Author

zandbelt Feb 21, 2023
Maintainer

sirpatrick2
Feb 21, 2023
Author

zandbelt Feb 21, 2023
Maintainer

sirpatrick2 Feb 21, 2023
Author

zandbelt Feb 21, 2023
Maintainer

sirpatrick2 Feb 21, 2023
Author

sirpatrick2 Feb 22, 2023
Author