$config['oauth_provider'] = 'generic';$config['oauth_provider_name'] = 'Keycloak mydomain';$config['oauth_client_id'] = "roundcube";$config['oauth_client_secret'] = "secret from keycloak";$config['oauth_auth_uri'] = "https://auth.mydomain.net/realms/myrealms/protocol/openid-connect/auth";$config['oauth_token_uri'] = "https://auth.mydomain.net/realms/myrealms/protocol/openid-connect/token";$config['oauth_identity_uri'] = "https://auth.mydomain.net/realms/myrealms/protocol/openid-connect/userinfo";$config['oauth_verify_peer'] = true;$config['oauth_scope'] = "email profile openid";$config['oauth_auth_parameters'] = [];$config['oauth_identity_fields'] = ['preferred_username'];$config['oauth_login_redirect'] = false;$config['login_password_maxlen'] = 4096;
https://round.mydomain.net/index.php/login/oauth?state=wewpDJttkEAw&session_state=21601475-f142-448f-bc0b-1eaf39ca2a57&code=0da14bae-cd8f-4566-b84c-faf20bb03f10.21601475-f142-448f-bc0b-1eaf39ca2a57.c9b27c45-74ae-42dc-948e-1701a37f2e9b
PHP Error: Access denied for new user user@domain.net. 'auto_create_user' is disabled in....
// Automatically register user in Roundcube database on successful (IMAP) logon.// Set to false if only registered users should be allowed to the webmail.// Note: If disabled you have to create records in Roundcube users table by yourself.// Note: Roundcube does not manage/create users on a mail server.$config['auto_create_user'] = true;
Nov 20 19:21:33 auth: Error: oauth2([b]user1[/b],XX.YY.ZZ.SS,<Yi02AuvtMeBVDoA8>): oauth2 failed: Introspection failed: No username returned
location ~ \.php$ { try_files $uri =404; fastcgi_pass unix:/run/php/php8.1-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; }
location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; fastcgi_pass unix:/run/php/php8.1-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; }
fastcgi_param PATH_INFO $fastcgi_path_info;fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
introspection_mode = post
introspection_mode = auth