From f7b1f5e99e1189155767591563fdfbe46cd45cd0 Mon Sep 17 00:00:00 2001 From: Edwin <12404233-edwinh01@users.noreply.gitlab.com> Date: Wed, 8 May 2024 15:31:21 +0200 Subject: [PATCH] Fix for OIDC XML validation error despite valid configuration & updated OIDC backend example file. * Since Galaxy 23.1 using the api_url configuration parameter in the "oidc_backend_config.xml" file for authenticating with Azure will return an error when a user tries to log in. This bug has been documented before and can be seen here: https://github.com/galaxyproject/galaxy/issues/16373 * This problem can be solved by replacing the "api_url" parameter with the "tenant_id" parameter. However, this change of parameter name and expected value has not been documented in either the galaxy docs or in the oidc_backends_config.xml.sample example file since changes to the OIDC code have been made. This pull request attempts to solve that by updating the example file. * In addition, since release_24.0, an XML validation is performed on the oidc_backends_config.xml file which causes the Galaxy process to return an error and exit on startup because it fails to acknowledge "tenant_id" as a legitimate parameter in the XML file. Even though this parameter is required since the OIDC changes in Galaxy 23.1. The changes to the oidc_backends_config.xsd file in this commit can fix that problem. --- lib/galaxy/authnz/xsd/oidc_backends_config.xsd | 7 +++++++ lib/galaxy/config/sample/oidc_backends_config.xml.sample | 7 ++++--- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/lib/galaxy/authnz/xsd/oidc_backends_config.xsd b/lib/galaxy/authnz/xsd/oidc_backends_config.xsd index a8ffe7a0cd5b..a8fbbd392d5c 100644 --- a/lib/galaxy/authnz/xsd/oidc_backends_config.xsd +++ b/lib/galaxy/authnz/xsd/oidc_backends_config.xsd @@ -114,6 +114,13 @@ + + + + Tenant ID for the IdP. + + + 
diff --git a/lib/galaxy/config/sample/oidc_backends_config.xml.sample b/lib/galaxy/config/sample/oidc_backends_config.xml.sample index 9cf5480a2c60..ce8e8e1d0b27 100644 --- a/lib/galaxy/config/sample/oidc_backends_config.xml.sample +++ b/lib/galaxy/config/sample/oidc_backends_config.xml.sample @@ -192,12 +192,13 @@ Please mind `http` and `https`. ... ... http://localhost:8080/authnz/azure/callback - - ... + ...
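Review bot: The documentation added in the lib/galaxy/authnz/xsd/oidc_backends_config.xsd hunk (@@ -114,6 +114,13) describes the new element only as "Tenant ID for the IdP.", which does not tell an administrator that, per the commit message, it takes the place of api_url for Azure since Galaxy 23.1 and expects a different value. Suggest expanding the documentation text to name the backend it applies to and the value it expects. Since the commit message says a schema mismatch makes Galaxy exit at startup from release_24.0 on, a test that validates oidc_backends_config.xml.sample against this XSD would catch the next parameter that reaches the code but not the schema.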
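Review bot: In the lib/galaxy/config/sample/oidc_backends_config.xml.sample hunk (@@ -192,12 +192,13) the replacement value is still the bare placeholder "...", so the sample does not show what the new parameter should contain, although the commit message says both the parameter name and the expected value changed. Suggest adding a short comment next to the Azure entry that states the expected value and notes that api_url no longer works for Azure since 23.1, so administrators upgrading an existing file know to migrate it before they hit a failed login or a startup validation error.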