Search code examples
phpsslopenid-connectopenid

Codeigniter OpenID ERR_SSL_PROTOCOL_ERROR

I am trying to implement Jumbojett OpenID Authentication in my Linux Centos 9 Server. This is my login controller (welcome.php) code:

public function login_sso()
{
if (!$this->session->userdata('USERNIP')) {
            $oidc = new OpenIDConnectClient(
                $this->config->item('SSO_PROVIDER_URL'),
                $this->config->item('SSO_CLIENT_ID'),
                $this->config->item('SSO_CLIENT_SECRET')
            );
            $isAuthenticate = $oidc->authenticate();
            if ($isAuthenticate) {
                $user = $this->M_welcome->get_login_complete_sso($oidc->requestUserInfo('preferred_username'));
                [$akses, $akses_lengkap, $role_id] = $this->M_welcome->get_user_access($user[0]->PEGAWAIID,  $oidc->requestUserInfo('preferred_username'), $user[0]->JENISPEGAWAIID);
                $data_session = array(
                    'USERLOGIN' => $oidc->requestUserInfo('email'),
                    'SSO_ID_TOKEN' => $oidc->getIdToken()
                );

                $this->session->set_userdata($data_session);

                redirect('user/profil/');
            }
        }
}

This is my htaccess code :

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
</IfModule>

<IfModule !mod_rewrite.c>
    # If we don't have mod_rewrite installed, all 404's
    # can be sent to index.php, and everything works as normal.
    # Submitted by: ElliotHaughin

    ErrorDocument 404 /index.php
</IfModule>

And this is my base_url (censored it to mysite.go.id) in config.php :

$config['base_url'] = 'https://mysite.go.id/';

when i open my web application in the browser, it goes smoothly until i use my user credentials to login (username & password) and it redirects to a page that says :

This site can’t provide a secure connection mysite.go.id sent an invalid response.
ERR_SSL_PROTOCOL_ERROR

The URL of that page seems to point at https://mysite.go.id:80/welcome/login_sso?state=6ea6c4c6f8538538621ed21fffa8e78c&session_state=1a223a56-9dba-447e-b6ed-9d79486420c9&code=18a981c1-d5a7-4ce2-8db7-4181244e4194.1a223a56-9dba-447e-b6ed-9d79486420c9.33e0c97f-f14d-4955-b0f1-863256cacd03 , i dont set the redirection port to 80 but it looks like it redirect to port 80 when the default port for ssl should be 443. I suspect this is the problem though i dont know how to fix this. Prior to using OpenID authentication (normal login with local db) it works smoothly, i got no related SSL error. But when i use OpenID authentication i keep getting this error, please help me what is wrong?

Solution

  • Apparently its a bug in the OpenID library itself based on this reference, specifically in OpenIDConnectClient.php where the $_SERVER['SERVER_PORT'] will automatically adding 80 port to redirect if its not converted to integer.