From f7b1f5e99e1189155767591563fdfbe46cd45cd0 Mon Sep 17 00:00:00 2001
From: Edwin <12404233-edwinh01@users.noreply.gitlab.com>
Date: Wed, 8 May 2024 15:31:21 +0200
Subject: [PATCH] Fix for OIDC XML validation error despite valid configuration
& updated OIDC backend example file.
* Since Galaxy 23.1, using the api_url configuration parameter in the "oidc_backend_config.xml" file for authenticating with Azure will return an error when a user tries to log in. This bug has been documented before and can be seen here: https://github.com/galaxyproject/galaxy/issues/16373
* This problem can be solved by replacing the "api_url" parameter with the "tenant_id" parameter. However, this change of parameter name and expected value has not been documented in either the galaxy docs or in the oidc_backends_config.xml.sample example file since changes to the OIDC code have been made. This pull request attempts to solve that by updating the example file.
* In addition, since release_24.0, an XML validation is performed on the oidc_backends_config.xml file which causes the Galaxy process to return an error and exit on startup because it fails to acknowledge "tenant_id" as a legitimate parameter in the XML file, even though this parameter has been required since the OIDC changes in Galaxy 23.1. The changes to the oidc_backends_config.xsd file in this commit can fix that problem.
---
lib/galaxy/authnz/xsd/oidc_backends_config.xsd | 7 +++++++
lib/galaxy/config/sample/oidc_backends_config.xml.sample | 7 ++++---
2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/lib/galaxy/authnz/xsd/oidc_backends_config.xsd b/lib/galaxy/authnz/xsd/oidc_backends_config.xsd
index a8ffe7a0cd5b..a8fbbd392d5c 100644
--- a/lib/galaxy/authnz/xsd/oidc_backends_config.xsd
+++ b/lib/galaxy/authnz/xsd/oidc_backends_config.xsd
@@ -114,6 +114,13 @@
+
+
+
+ Tenant ID for the IdP.
+
+
+
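Review bot: The documentation text added in this hunk, "Tenant ID for the IdP.", does not say which backend the parameter applies to or what kind of value it expects. Since the commit message describes tenant_id as the replacement for api_url when authenticating with Azure since Galaxy 23.1, the schema documentation should say so, for example "Azure tenant ID; replaces api_url for the Azure backend since Galaxy 23.1". It would also help to state in the description of this change whether api_url remains accepted by the schema for Azure, because a configuration that passes validation but still fails at login is the situation described in the linked issue.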
diff --git a/lib/galaxy/config/sample/oidc_backends_config.xml.sample b/lib/galaxy/config/sample/oidc_backends_config.xml.sample
index 9cf5480a2c60..ce8e8e1d0b27 100644
--- a/lib/galaxy/config/sample/oidc_backends_config.xml.sample
+++ b/lib/galaxy/config/sample/oidc_backends_config.xml.sample
@@ -192,12 +192,13 @@ Please mind `http` and `https`.
...
...
http://localhost:8080/authnz/azure/callback
-
- ...
+ ...
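Review bot: The only added line visible at the end of this hunk is a "..." placeholder, which gives an administrator no hint of what value the renamed parameter expects. The commit message says both the parameter name and the expected value changed from api_url to tenant_id, so the sample entry should carry a short comment stating the expected form of the tenant ID and that api_url no longer works for Azure since Galaxy 23.1. Without that, the sample file still leaves the rename undocumented for anyone copying the entry as-is.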