We've been using a custom OAuth2 Authorization Server together with some Spring Boot applications for a couple of years.
Now there is a demand to integrate the authentication of a legacy PHP application. I have done some research and found the OpenId Module for Apache. I managed to configure it successfully and initiate the authorization code flow.
The problem occurs when the auth server redirects back to my application:
OpenID Connect Provider error: Error in handling response type.
Reading this issue, I understand that the problem happens because the authorization server does not return the id_token (it also does not accept an 'openid' scope). We don't want to change it just to attend a legacy application.
On the other hand, I can see that the correct authorization code is present at the callback; if the module just let me continue, I could grab the token afterwards and solve our issue.
Is there any way to avoid this error without changing the authorization server?
This is the configuration I am using:
OIDCProviderJwksUri https://myauthserver/.well-known/jwks.json
OIDCProviderAuthorizationEndpoint https://myauthserver/oauth/authorize
OIDCClientID myclientId
OIDCClientSecret 12345
OIDCScope "all"
OIDCResponseType "code"
OIDCRedirectURI /protected
#OIDCRedirectURI http://myRedirectUrl
OIDCCryptoPassphrase SOMEPASSPHRASE