Claims not available after redirect to callback URL

[bruattack]

I am running an Debian bullseye Docker image with apache2 and mod_auth_openidc and PHP 7.4.30 (php:7.4-apache-bullseye). I have tried to integrate both with gitlab and an IdentityServer4 IDP.

I followed the "how-to" and several similar guides and examples...

I get redirected to the IDP's Login, and after the redirect from the there the Require valid-user is fulfilled and access is granted to my protected area, however there are no claims anywhere, not even the username. I dumped both $_SERVER and $_ENV, nothing, and I also tried passing the headers, but no cigar.

The logs and tcpdumps suggest the redirects are happening (obviously), but I can't see any interaction between my webserver and the IDP after the redirect back to the callback_uri happens, even if I explicitly add the userinfo endpoint to the config...

Any suggestions? I am now tryin the same thing on a QEMU linux box to see if it is a docker networking issue...

Edit: works like a charm with the same settings on a "real" Ubuntu 22.04 with php8.1 with the same settings...

[bruattack]

OK, created a new Docker image from a base ubuntu:22.04 with PHP 8.1 and the openidc mod, works fine.

[bruattack]

This is a PEBKAC issue :) My apache configuration was incorrect and the callback uri led to a directory outside the "openidc protection sphere" :)