Hi Community,
i´m struggling a bit with my OAuth2 configuration in Roundcube.
The used System is an upgraded Roundcube (formerly Version 1.4.3, upgraded a few days before and now its 1.6.9) running in a Multidomainsetup with MySQL/Galera for the user/password DB (servers in Backend: dovecot/postfix with several virtualdomains including opendmarc/opendkim etc.) where on one Domain actually should be enhanced with additional OpenID-Connect / OAuth2 Access via a Keycloak Client-Instance.
My Keycloak is working for other services already and i configured Roundcube according to the infos from defaults.inc.php positioned inside the configfile for the targetted virtual domain.
Some of the other domains should use other OAuth2-Clientsettings later on, but not all of the used virtual domains from the mailservers should use OAuth2 additionally, thats the reason for positioning in the spearate roundcube domainspecific configfile.
But up to now there is no Login-Button showing up on the Login Page to use the Keycloak-Login.
What might be a reason to circumvent the appearence of the Button or block this functionality?
Thnx in advance for any help on solving this problem,
Tom
Just to be clear your not setting the config inside the defaults.inc.php file correct? Any config changes should be made in the config.inc.php.
For sure i putted the settings not in defaults.inc.php but in config.inc.php and domain1-config.inc.php (which is my configfile for the domain which should additionally use Oauth2/OpenID-Connect ;-) )..
Can you post your config? I don't anyone can help without seeing your configuration.
My config.inc.php (some values anonymised/replaced for security reasons):
cat config.inc.php
<?php
/* Local configuration for Roundcube Webmail */
$config['include_host_config'] = array(
'mail.node1.myfirstmaildomain.tld' => 'myfirstmaildomain_tld_node1_conf.inc.php',
'mail.node1.mysecondmaildomain.tld' => 'mysecondmaildomain_tld_node1_conf.inc.php',
);
// ----------------------------------
// IMAP
// ----------------------------------
// The IMAP host (and optionally port number) chosen to perform the log-in.
// Leave blank to show a textbox at login, give a list of hosts
// to display a pulldown menu or set one host as string.
// Enter hostname with prefix ssl:// to use Implicit TLS, or use
// prefix tls:// to use STARTTLS.
// If port number is omitted it will be set to 993 (for ssl://) or 143 otherwise.
// Supported replacement variables:
// %n - hostname ($_SERVER['SERVER_NAME'])
// %t - hostname without the first part
// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
// %s - domain name after the '@' from e-mail address provided at login screen
// For example %n = mail.domain.tld, %t = domain.tld
// WARNING: After hostname change update of mail_host column in users table is
// required to match old user data records with the new host.
$config['imap_host'] = 'tls://%t';
// ----------------------------------
// SMTP
// ----------------------------------
// SMTP server host (and optional port number) for sending mails.
// Enter hostname with prefix ssl:// to use Implicit TLS, or use
// prefix tls:// to use STARTTLS.
// If port number is omitted it will be set to 465 (for ssl://) or 587 otherwise.
// Supported replacement variables:
// %h - user's IMAP hostname
// %n - hostname ($_SERVER['SERVER_NAME'])
// %t - hostname without the first part
// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
// %z - IMAP domain (IMAP hostname without the first part)
// For example %n = mail.domain.tld, %t = domain.tld
// To specify different SMTP servers for different IMAP hosts provide an array
// of IMAP host (no prefix or port) and SMTP server e.g. ['imap.example.com' => 'smtp.example.net']
$config['smtp_host'] = 'tls://%t:587';
// ----------------------------------
// SQL DATABASE
// ----------------------------------
// Database connection string (DSN) for read+write operations
// Format (compatible with PEAR MDB2): db_provider://user:password@host/database
// Currently supported db_providers: mysql, pgsql, sqlite, mssql, sqlsrv, oracle
// For examples see http://pear.php.net/manual/en/package.database.mdb2.intro-dsn.php
// Note: for SQLite use absolute path (Linux): 'sqlite:////full/path/to/sqlite.db?mode=0646'
// or (Windows): 'sqlite:///C:/full/path/to/sqlite.db'
// Note: Various drivers support various additional arguments for connection,
// for Mysql: key, cipher, cert, capath, ca, verify_server_cert,
// for Postgres: application_name, sslmode, sslcert, sslkey, sslrootcert, sslcrl, sslcompression, service.
// e.g. 'mysql://roundcube:@localhost/roundcubemail?verify_server_cert=false'
$config['db_dsnw'] = 'mysql://roundcube:MySecretPWD@localhost/roundcubemail';
//$config['smtp_pass'] = '';
// provide an URL where a user can get support for this Roundcube installation
// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
$config['support_url'] = '';
// this key is used to encrypt the users imap password which is stored
// in the session record (and the client cookie if remember password is enabled).
// please provide a string of exactly 24 chars.
// YOUR KEY MUST BE DIFFERENT THAN THE SAMPLE VALUE FOR SECURITY REASONS
$config['des_key'] = 'MyVerySecretKeyHas24Chars';
// Add this user-agent to message headers when sending. Default: not set.
$config['useragent'] = 'MyFirstMaildomain Webmailer';
// List of active plugins (in plugins/ directory)
// Debian: install roundcube-plugins first to have any
$config['plugins'] = ['virtuser_query', 'password', 'dkimstatus', 'managesieve', 'vacation', 'emoticons', 'compose_addressbook', 'sieverules', 'zipdownload', 'userinfo', 'identicon', 'subscriptions_option'];
// skin name: folder from skins/
$config['skin'] = 'MyLarrybasedSKin';
$config['virtuser_query'] = 'SELECT username FROM EmailServer_db.mailbox WHERE username = \'%u\'';
$config['use_subscriptions'] = true;
$config['auto_create_user'] = true;
My myfirstmaildomain_tld_node1_conf.inc.php :
cat myfirstmaildomain_tld_node1_conf.inc.php
<?php
// ----------------------------------
// IMAP
// ----------------------------------
// The IMAP host (and optionally port number) chosen to perform the log-in.
// Leave blank to show a textbox at login, give a list of hosts
// to display a pulldown menu or set one host as string.
// Enter hostname with prefix ssl:// to use Implicit TLS, or use
// prefix tls:// to use STARTTLS.
// If port number is omitted it will be set to 993 (for ssl://) or 143 otherwise.
// Supported replacement variables:
// %n - hostname ($_SERVER['SERVER_NAME'])
// %t - hostname without the first part
// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
// %s - domain name after the '@' from e-mail address provided at login screen
// For example %n = mail.domain.tld, %t = domain.tld
// WARNING: After hostname change update of mail_host column in users table is
// required to match old user data records with the new host.
$config['imap_host'] = 'tls://%t';
// ----------------------------------
// SMTP
// ----------------------------------
// SMTP server host (and optional port number) for sending mails.
// Enter hostname with prefix ssl:// to use Implicit TLS, or use
// prefix tls:// to use STARTTLS.
// If port number is omitted it will be set to 465 (for ssl://) or 587 otherwise.
// Supported replacement variables:
// %h - user's IMAP hostname
// %n - hostname ($_SERVER['SERVER_NAME'])
// %t - hostname without the first part
// %d - domain (http hostname $_SERVER['HTTP_HOST'] without the first part)
// %z - IMAP domain (IMAP hostname without the first part)
// For example %n = mail.domain.tld, %t = domain.tld
// To specify different SMTP servers for different IMAP hosts provide an array
// of IMAP host (no prefix or port) and SMTP server e.g. ['imap.example.com' => 'smtp.example.net']
$config['smtp_host'] = 'tls://%t:587';
$config['smtp_auth_type'] = null;
//$config['smtp_auth_type'] = ['LOGIN','OAUTH2','XOAUTH'];
// ----------------------------------
// Enable OAuth2 by defining a provider. Use 'generic' here
$config['oauth_provider'] = 'generic';
// Provider name to be displayed on the login button
$config['oauth_provider_name'] = 'MyKeycloakSSO';
// Mandatory: OAuth client ID for your Roundcube installation
$config['oauth_client_id'] = 'MyKeycloak-MailclientID';
// Mandatory: OAuth client secret
$config['oauth_client_secret'] = 'oetZzGsxSiddaaE1QIRM18BHE3b0VQJa';
// Mandatory: URI for OAuth user authentication (redirect)
$config['oauth_auth_uri'] = 'https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth';
//$config['oauth_auth_uri'] = 'https://mail.node1.myfirstmaildomain.tld/index.php/login/oauth';
// Mandatory: Endpoint for OAuth authentication requests (server-to-server)
$config['oauth_token_uri'] = 'https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token';
// Optional: Endpoint to query user identity if not provided in auth response
$config['oauth_identity_uri'] = 'https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo';
// Optional: disable SSL certificate check on HTTP requests to OAuth server
// See http://docs.guzzlephp.org/en/stable/request-options.html#verify for possible values
$config['oauth_verify_peer'] = true;
// Mandatory: OAuth scopes to request (space-separated string)
$config['oauth_scope'] = 'email openid profile roles';
// Optional: additional query parameters to send with login request (hash array)
$config['oauth_auth_parameters'] = [];
// Optional: array of field names used to resolve the username within the identity information
$config['oauth_identity_fields'] = ['userPrincipalName'];
// Boolean: automatically redirect to OAuth login when opening Roundcube without a valid session
$config['oauth_login_redirect'] = false;
//$config['oauth_login_redirect'] = 'https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/account/';
I also tried to switch the skins from my own modified Larrybased Skin between Elastic, Larry and Classic but no luck, they give me no OAuth2 Button either.
So what am i missing to get the Login-Button?
It sounds like your host configs are being pulled in. If you create a php file with the following what does it print out:
<?php
echo 'HTTP_HOST: '. $_SERVER['HTTP_HOST'] .'<br />';
echo 'SERVER_NAME: '. $_SERVER['SERVER_NAME'] .'<br />';
echo 'SERVER_ADDR: '. $_SERVER['SERVER_ADDR'] .'<br />';
HTTP_HOST : mail.node1.myfirstmaildomain.tld
SERVER_NAME : mail.node1.myfirstmaildomain.tld
SERVER_ADDR : <$the_correct_external_ip_adress_of_the_server>
Values changed consistently according to anomymized Values in my configpostings above ;-)
Nothing wrong there, is there anything in the Roundcube error log?
Nothing inside the error.log at all...its an empty file :-)
I think the next best step would be to add a debug check like:
rcube::raise_error(print_r($this->options, true), true);
after "$this->options" is set in the "__construct" function in <RC root>/program/include/rcmail_oauth.php
That should log the values of $this->options to the Roundcube error log.
Now i´ve got some conten in the error.log:
[05-Feb-2025 11:18:49 +0100]: <r9k5b86v> PHP Error: Array
(
[provider] =>
[auth_uri] =>
[token_uri] =>
[client_id] =>
[client_secret] =>
[identity_uri] =>
[identity_fields] => Array
(
[0] => email
)
[scope] =>
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /)
Well that confirms that that the oauth code is running, it isn't getting the config, error logging is working, and that this is a config problem. Have you tired setting the oauth config in the main config file and see if it works then?
On first view it seems to work when placed in the main config file,but at redirection after login to keycloak it inserts a bunch of "index.php/login/" to the redirecting url so that its landing on the loginscreen again and again without using the css information and so on and without really login in in roundcube ..seems to be another issue...
And in general: if placed in the main config file instead of the config file of the first maildomain, how can i setup another realm/client with different settings or even another openid provider for the second maildomain?
Having the config in the host config files shouldn't be a problem but clear is in this case. In <RC root>/program/lib/Roundcube/rcube_config.php in the "load_from_file" function in the line before the return can you add:
rcube::raise_error($file .' - '. (($success) ? 'true' : 'false'), true);
And post the output in the error log? I want to see what config files its trying to pull in and if its loading them correctly.
Ok,done and found a typo in the first maildomains host configfile, corrected it and moved the oauth related config to the host configfile again. Then testet first with the second maildomain wiithout oauth configpart and then the first maildomain with oauth configpart.
The resulting error.log:
[06-Feb-2025 12:05:54 +0100]: PHP Error: defaults.inc.php - true (GET /)
[06-Feb-2025 12:05:54 +0100]: PHP Error: config.inc.php - true (GET /)
[06-Feb-2025 12:05:54 +0100]: PHP Error: mysecondmaildomain_tld_node1_conf.inc.php - true (GET /)
[06-Feb-2025 12:05:54 +0100]: <nqcrbnlo> PHP Error: Array
(
[provider] =>
[auth_uri] =>
[token_uri] =>
[client_id] =>
[client_secret] =>
[identity_uri] =>
[identity_fields] => Array
(
[0] => email
)
[scope] =>
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /)
[06-Feb-2025 12:05:54 +0100]: <nqcrbnlo> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /)
[06-Feb-2025 12:05:54 +0100]: <nqcrbnlo> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /)
[06-Feb-2025 12:06:30 +0100]: PHP Error: defaults.inc.php - true (POST /?_task=login&_action=login)
[06-Feb-2025 12:06:30 +0100]: PHP Error: config.inc.php - true (POST /?_task=login&_action=login)
[06-Feb-2025 12:06:30 +0100]: PHP Error: mysecondmaildomain_tld_node1_conf.inc.php - true (POST /?_task=login&_action=login)
[06-Feb-2025 12:06:30 +0100]: <nqcrbnlo> PHP Error: Array
(
[provider] =>
[auth_uri] =>
[token_uri] =>
[client_id] =>
[client_secret] =>
[identity_uri] =>
[identity_fields] => Array
(
[0] => email
)
[scope] =>
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(POST /?_task=login&_action=login)
[06-Feb-2025 12:06:30 +0100]: <nqcrbnlo> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (POST /?_task=login&_action=login)
[06-Feb-2025 12:06:30 +0100]: <nqcrbnlo> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (POST /?_task=login&_action=login)
[06-Feb-2025 12:06:31 +0100]: PHP Error: defaults.inc.php - true (GET /?_task=mail&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
[06-Feb-2025 12:06:31 +0100]: PHP Error: config.inc.php - true (GET /?_task=mail&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
[06-Feb-2025 12:06:31 +0100]: PHP Error: mysecondmaildomain_tld_node1_conf.inc.php - true (GET /?_task=mail&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
[06-Feb-2025 12:06:31 +0100]: <v22nklag> PHP Error: Array
(
[provider] =>
[auth_uri] =>
[token_uri] =>
[client_id] =>
[client_secret] =>
[identity_uri] =>
[identity_fields] => Array
(
[0] => email
)
[scope] =>
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /?_task=mail&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
[06-Feb-2025 12:06:31 +0100]: <v22nklag> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /?_task=mail&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
[06-Feb-2025 12:06:31 +0100]: <v22nklag> PHP Error: /var/lib/roundcube/plugins/managesieve/config.inc.php - true (GET /?_task=mail&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
[06-Feb-2025 12:06:31 +0100]: <v22nklag> PHP Error: /var/lib/roundcube/plugins/sieverules/config.inc.php - true (GET /?_task=mail&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
[06-Feb-2025 12:06:31 +0100]: <v22nklag> PHP Error: /var/lib/roundcube/plugins/zipdownload/config.inc.php - true (GET /?_task=mail&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
[06-Feb-2025 12:06:31 +0100]: <v22nklag> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /?_task=mail&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
[06-Feb-2025 12:06:31 +0100]: PHP Error: defaults.inc.php - true (GET /?_task=mail&_action=list&_refresh=1&_layout=widescreen&_mbox=INBOX&_page=&_remote=1&_unlock=loading1738839992072&_=1738839991987)
[06-Feb-2025 12:06:31 +0100]: PHP Error: config.inc.php - true (GET /?_task=mail&_action=list&_refresh=1&_layout=widescreen&_mbox=INBOX&_page=&_remote=1&_unlock=loading1738839992072&_=1738839991987)
[06-Feb-2025 12:06:31 +0100]: PHP Error: mysecondmaildomain_tld_node1_conf.inc.php - true (GET /?_task=mail&_action=list&_refresh=1&_layout=widescreen&_mbox=INBOX&_page=&_remote=1&_unlock=loading1738839992072&_=1738839991987)
[06-Feb-2025 12:06:31 +0100]: <v22nklag> PHP Error: Array
(
[provider] =>
[auth_uri] =>
[token_uri] =>
[client_id] =>
[client_secret] =>
[identity_uri] =>
[identity_fields] => Array
(
[0] => email
)
[scope] =>
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /?_task=mail&_action=list&_refresh=1&_layout=widescreen&_mbox=INBOX&_page=&_remote=1&_unlock=loading1738839992072&_=1738839991987)
[06-Feb-2025 12:06:31 +0100]: <v22nklag> PHP Error: /var/lib/roundcube/plugins/managesieve/config.inc.php - true (GET /?_task=mail&_action=list&_refresh=1&_layout=widescreen&_mbox=INBOX&_page=&_remote=1&_unlock=loading1738839992072&_=1738839991987)
[06-Feb-2025 12:06:31 +0100]: PHP Error: defaults.inc.php - true (GET /?_task=mail&_action=getunread&_page=1&_remote=1&_unlock=0&_=1738839991988)
[06-Feb-2025 12:06:31 +0100]: PHP Error: config.inc.php - true (GET /?_task=mail&_action=getunread&_page=1&_remote=1&_unlock=0&_=1738839991988)
[06-Feb-2025 12:06:31 +0100]: <v22nklag> PHP Error: /var/lib/roundcube/plugins/sieverules/config.inc.php - true (GET /?_task=mail&_action=list&_refresh=1&_layout=widescreen&_mbox=INBOX&_page=&_remote=1&_unlock=loading1738839992072&_=1738839991987)
[06-Feb-2025 12:06:31 +0100]: PHP Error: mysecondmaildomain_tld_node1_conf.inc.php - true (GET /?_task=mail&_action=getunread&_page=1&_remote=1&_unlock=0&_=1738839991988)
[06-Feb-2025 12:06:31 +0100]: <v22nklag> PHP Error: /var/lib/roundcube/plugins/zipdownload/config.inc.php - true (GET /?_task=mail&_action=list&_refresh=1&_layout=widescreen&_mbox=INBOX&_page=&_remote=1&_unlock=loading1738839992072&_=1738839991987)
[06-Feb-2025 12:06:31 +0100]: <v22nklag> PHP Error: Array
(
[provider] =>
[auth_uri] =>
[token_uri] =>
[client_id] =>
[client_secret] =>
[identity_uri] =>
[identity_fields] => Array
(
[0] => email
)
[scope] =>
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /?_task=mail&_action=getunread&_page=1&_remote=1&_unlock=0&_=1738839991988)
[06-Feb-2025 12:06:31 +0100]: <v22nklag> PHP Error: /var/lib/roundcube/plugins/managesieve/config.inc.php - true (GET /?_task=mail&_action=getunread&_page=1&_remote=1&_unlock=0&_=1738839991988)
[06-Feb-2025 12:06:31 +0100]: <v22nklag> PHP Error: /var/lib/roundcube/plugins/sieverules/config.inc.php - true (GET /?_task=mail&_action=getunread&_page=1&_remote=1&_unlock=0&_=1738839991988)
[06-Feb-2025 12:06:31 +0100]: <v22nklag> PHP Error: /var/lib/roundcube/plugins/zipdownload/config.inc.php - true (GET /?_task=mail&_action=getunread&_page=1&_remote=1&_unlock=0&_=1738839991988)
[06-Feb-2025 12:06:33 +0100]: PHP Error: defaults.inc.php - true (GET /?_task=logout&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
[06-Feb-2025 12:06:33 +0100]: PHP Error: config.inc.php - true (GET /?_task=logout&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
[06-Feb-2025 12:06:33 +0100]: PHP Error: mysecondmaildomain_tld_node1_conf.inc.php - true (GET /?_task=logout&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
[06-Feb-2025 12:06:33 +0100]: <v22nklag> PHP Error: Array
(
[provider] =>
[auth_uri] =>
[token_uri] =>
[client_id] =>
[client_secret] =>
[identity_uri] =>
[identity_fields] => Array
(
[0] => email
)
[scope] =>
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /?_task=logout&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
[06-Feb-2025 12:06:33 +0100]: <v22nklag> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /?_task=logout&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
[06-Feb-2025 12:06:33 +0100]: <v22nklag> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /?_task=logout&_token=M8iMLUSoHd1k6MPHByGnOm403cEcwDyW)
(end of part 1 of the errorlog due to character restriction of the forum)
(errorlog Part 2)
[06-Feb-2025 12:07:31 +0100]: PHP Error: defaults.inc.php - true (GET /)
[06-Feb-2025 12:07:31 +0100]: PHP Error: config.inc.php - true (GET /)
[06-Feb-2025 12:07:31 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /)
[06-Feb-2025 12:07:31 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /)
[06-Feb-2025 12:07:31 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /)
[06-Feb-2025 12:07:31 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /)
[06-Feb-2025 12:07:35 +0100]: PHP Error: defaults.inc.php - true (GET /?_task=login&_action=oauth)
[06-Feb-2025 12:07:35 +0100]: PHP Error: config.inc.php - true (GET /?_task=login&_action=oauth)
[06-Feb-2025 12:07:35 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /?_task=login&_action=oauth)
[06-Feb-2025 12:07:35 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /?_task=login&_action=oauth)
[06-Feb-2025 12:07:35 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /?_task=login&_action=oauth)
[06-Feb-2025 12:07:35 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /?_task=login&_action=oauth)
[06-Feb-2025 12:07:35 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/oauth?state=eQyeb25cBWMN&session_state=442c9c83-15bc-49d1-9666-f1de5bf20f7d&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=d60ce6b0-ec5c-43a9-bb8c-2fd0f6b6fc1b.442c9c83-15bc-49d1-9666-f1de5bf20f7d.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 12:07:35 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/oauth?state=eQyeb25cBWMN&session_state=442c9c83-15bc-49d1-9666-f1de5bf20f7d&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=d60ce6b0-ec5c-43a9-bb8c-2fd0f6b6fc1b.442c9c83-15bc-49d1-9666-f1de5bf20f7d.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 12:07:35 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/oauth?state=eQyeb25cBWMN&session_state=442c9c83-15bc-49d1-9666-f1de5bf20f7d&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=d60ce6b0-ec5c-43a9-bb8c-2fd0f6b6fc1b.442c9c83-15bc-49d1-9666-f1de5bf20f7d.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 12:07:35 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/oauth?state=eQyeb25cBWMN&session_state=442c9c83-15bc-49d1-9666-f1de5bf20f7d&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=d60ce6b0-ec5c-43a9-bb8c-2fd0f6b6fc1b.442c9c83-15bc-49d1-9666-f1de5bf20f7d.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 12:07:35 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/oauth?state=eQyeb25cBWMN&session_state=442c9c83-15bc-49d1-9666-f1de5bf20f7d&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=d60ce6b0-ec5c-43a9-bb8c-2fd0f6b6fc1b.442c9c83-15bc-49d1-9666-f1de5bf20f7d.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 12:07:35 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/oauth?state=eQyeb25cBWMN&session_state=442c9c83-15bc-49d1-9666-f1de5bf20f7d&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=d60ce6b0-ec5c-43a9-bb8c-2fd0f6b6fc1b.442c9c83-15bc-49d1-9666-f1de5bf20f7d.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: OAuth token request failed: Client error: `POST https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token` resulted in a `400 Bad Request` response:
{"error":"invalid_grant","error_description":"Incorrect redirect_uri"}
; cznode3 GuzzleHttp/7 - [06/Feb/2025:12:07:36 +0100] "POST /realms/MySSORealm/protocol/openid-connect/token HTTP/1.1" 400 70 in /var/lib/roundcube/program/include/rcmail_oauth.php on line 322 (GET /index.php/login/oauth?state=eQyeb25cBWMN&session_state=442c9c83-15bc-49d1-9666-f1de5bf20f7d&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=d60ce6b0-ec5c-43a9-bb8c-2fd0f6b6fc1b.442c9c83-15bc-49d1-9666-f1de5bf20f7d.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 12:07:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 12:07:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 12:07:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 12:07:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/plugins/jqueryui/jquery-ui.min.css?s=1689092804)
[06-Feb-2025 12:07:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/plugins/jqueryui/jquery-ui.min.css?s=1689092804)
[06-Feb-2025 12:07:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/plugins/jqueryui/jquery-ui.min.css?s=1689092804)
[06-Feb-2025 12:07:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/ui.min.js?s=1689092804)
[06-Feb-2025 12:07:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/ui.min.js?s=1689092804)
[06-Feb-2025 12:07:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/ui.min.js?s=1689092804)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/skins/mylarrybasedskin/plugins/jqueryui/jquery-ui.min.css?s=1689092804)
(end part 2 due to character restriction)
(part 3 of the errorlog)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/plugins/jqueryui/jquery-ui.min.css?s=1689092804)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/plugins/jqueryui/jquery-ui.min.css?s=1689092804)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/skins/mylarrybasedskin/ui.min.js?s=1689092804)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/ui.min.js?s=1689092804)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/ui.min.js?s=1689092804)
[06-Feb-2025 12:07:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/program/js/jquery.min.js?s=1555656720)
[06-Feb-2025 12:07:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/program/js/jquery.min.js?s=1555656720)
[06-Feb-2025 12:07:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/program/js/jquery.min.js?s=1555656720)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/program/js/jquery.min.js?s=1555656720)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/program/js/jquery.min.js?s=1555656720)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/program/js/jquery.min.js?s=1555656720)
[06-Feb-2025 12:07:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/program/js/common.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/program/js/common.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/program/js/common.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/program/js/app.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/program/js/app.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/program/js/app.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/program/js/common.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/program/js/common.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/program/js/common.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/program/js/app.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/program/js/app.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/program/js/app.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/program/js/jstz.min.js?s=1562683680)
[06-Feb-2025 12:07:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/program/js/jstz.min.js?s=1562683680)
[06-Feb-2025 12:07:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/program/js/jstz.min.js?s=1562683680)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/program/js/jstz.min.js?s=1562683680)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/program/js/jstz.min.js?s=1562683680)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/program/js/jstz.min.js?s=1562683680)
[06-Feb-2025 12:07:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/plugins/jqueryui/js/jquery-ui.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/plugins/jqueryui/js/jquery-ui.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/plugins/jqueryui/js/jquery-ui.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/plugins/jqueryui/js/i18n/datepicker-de.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/plugins/jqueryui/js/i18n/datepicker-de.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/plugins/jqueryui/js/i18n/datepicker-de.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/plugins/jqueryui/js/i18n/datepicker-de.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/plugins/jqueryui/js/i18n/datepicker-de.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/plugins/jqueryui/js/i18n/datepicker-de.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/plugins/jqueryui/js/jquery-ui.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/plugins/jqueryui/js/jquery-ui.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/plugins/jqueryui/js/jquery-ui.min.js?s=1725175896)
[06-Feb-2025 12:07:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/images/roundcube_logo.png?s=1643378700)
[06-Feb-2025 12:07:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/images/roundcube_logo.png?s=1643378700)
[06-Feb-2025 12:07:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/images/roundcube_logo.png?s=1643378700)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/skins/mylarrybasedskin/images/roundcube_logo.png?s=1643378700)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/images/roundcube_logo.png?s=1643378700)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/images/roundcube_logo.png?s=1643378700)
[06-Feb-2025 12:07:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/images/favicon.ico?s=1643278320)
[06-Feb-2025 12:07:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/images/favicon.ico?s=1643278320)
[06-Feb-2025 12:07:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/images/favicon.ico?s=1643278320)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/skins/mylarrybasedskin/images/favicon.ico?s=1643278320)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/images/favicon.ico?s=1643278320)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/images/favicon.ico?s=1643278320)
I think theres somewhere another faulty value hidden...but actually im stuck in finding the fitting hint where to look:
(GET /index.php/login/oauth?state=eQyeb25cBWMN&session_state=442c9c83-15bc-49d1-9666-f1de5bf20f7d&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=d60ce6b0-ec5c-43a9-bb8c-2fd0f6b6fc1b.442c9c83-15bc-49d1-9666-f1de5bf20f7d.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 12:07:35 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/oauth?state=eQyeb25cBWMN&session_state=442c9c83-15bc-49d1-9666-f1de5bf20f7d&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=d60ce6b0-ec5c-43a9-bb8c-2fd0f6b6fc1b.442c9c83-15bc-49d1-9666-f1de5bf20f7d.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 12:07:35 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/oauth?state=eQyeb25cBWMN&session_state=442c9c83-15bc-49d1-9666-f1de5bf20f7d&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=d60ce6b0-ec5c-43a9-bb8c-2fd0f6b6fc1b.442c9c83-15bc-49d1-9666-f1de5bf20f7d.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: OAuth token request failed: Client error: `POST https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token` resulted in a `400 Bad Request` response:
{"error":"invalid_grant","error_description":"Incorrect redirect_uri"}
; cznode3 GuzzleHttp/7 - [06/Feb/2025:12:07:36 +0100] "POST /realms/MySSORealm/protocol/openid-connect/token HTTP/1.1" 400 70 in /var/lib/roundcube/program/include/rcmail_oauth.php on line 322 (GET /index.php/login/oauth?state=eQyeb25cBWMN&session_state=442c9c83-15bc-49d1-9666-f1de5bf20f7d&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=d60ce6b0-ec5c-43a9-bb8c-2fd0f6b6fc1b.442c9c83-15bc-49d1-9666-f1de5bf20f7d.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 12:07:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 12:07:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 12:07:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
The allowed redirect URIs configured inside my Keycloak Client are:
https://mail.node1.myfirstmaildomain.tld/*
https://node1.myfirstmaildomain.tld/*
https://myfirstmaildomain.tld/*
..and thats why im wondering a bit about
[06-Feb-2025 12:07:36 +0100]: <eu1aj793> PHP Error: OAuth token request failed: Client error: `POST https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token` resulted in a `400 Bad Request` response:
{"error":"invalid_grant","error_description":"Incorrect redirect_uri"}
; cznode3 GuzzleHttp/7 -
Well at least we're past the config problems, now it looks like a Keycloak config issue. To see what Roundcube is sending for the redirect uri in the <RC root>/program/include/rcmail_oauth.php file in the "get_redirect_uri" function right before the return line add:
rcube::raise_error(slashify($url) . 'index.php/login/oauth', true);
That will print the redirect_uri to the error log so we can verify what is being requested.
Due to the Size of the error.log i posted it completely at https://pastebin.com/GwEQ0CXn ..
2 short extracts:
[06-Feb-2025 15:45:31 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/oauth?state=2gexyBnu3xxL&session_state=356657db-86aa-4b4e-af4f-3fb1b6e1f050&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=1fb533b9-4883-4f17-b9a9-6ebd9451a5aa.356657db-86aa-4b4e-af4f-3fb1b6e1f050.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 15:45:31 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/oauth?state=2gexyBnu3xxL&session_state=356657db-86aa-4b4e-af4f-3fb1b6e1f050&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=1fb533b9-4883-4f17-b9a9-6ebd9451a5aa.356657db-86aa-4b4e-af4f-3fb1b6e1f050.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 15:45:31 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/oauth?state=2gexyBnu3xxL&session_state=356657db-86aa-4b4e-af4f-3fb1b6e1f050&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=1fb533b9-4883-4f17-b9a9-6ebd9451a5aa.356657db-86aa-4b4e-af4f-3fb1b6e1f050.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 15:45:31 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/oauth?state=2gexyBnu3xxL&session_state=356657db-86aa-4b4e-af4f-3fb1b6e1f050&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=1fb533b9-4883-4f17-b9a9-6ebd9451a5aa.356657db-86aa-4b4e-af4f-3fb1b6e1f050.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 15:45:31 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/oauth?state=2gexyBnu3xxL&session_state=356657db-86aa-4b4e-af4f-3fb1b6e1f050&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=1fb533b9-4883-4f17-b9a9-6ebd9451a5aa.356657db-86aa-4b4e-af4f-3fb1b6e1f050.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 15:45:31 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/oauth?state=2gexyBnu3xxL&session_state=356657db-86aa-4b4e-af4f-3fb1b6e1f050&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=1fb533b9-4883-4f17-b9a9-6ebd9451a5aa.356657db-86aa-4b4e-af4f-3fb1b6e1f050.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 15:45:31 +0100]: <eu1aj793> PHP Error: https://mail.node1.myfirstmaildomain.tld/index.php/login/index.php/login/oauth (GET /index.php/login/oauth?state=2gexyBnu3xxL&session_state=356657db-86aa-4b4e-af4f-3fb1b6e1f050&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=1fb533b9-4883-4f17-b9a9-6ebd9451a5aa.356657db-86aa-4b4e-af4f-3fb1b6e1f050.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 15:45:31 +0100]: <eu1aj793> PHP Error: OAuth token request failed: Client error: `POST https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token` resulted in a `400 Bad Request` response:
{"error":"invalid_grant","error_description":"Incorrect redirect_uri"}
; cznode3 GuzzleHttp/7 - [06/Feb/2025:15:45:31 +0100] "POST /realms/MySSORealm/protocol/openid-connect/token HTTP/1.1" 400 70 in /var/lib/roundcube/program/include/rcmail_oauth.php on line 322 (GET /index.php/login/oauth?state=2gexyBnu3xxL&session_state=356657db-86aa-4b4e-af4f-3fb1b6e1f050&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=1fb533b9-4883-4f17-b9a9-6ebd9451a5aa.356657db-86aa-4b4e-af4f-3fb1b6e1f050.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 15:45:31 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 15:45:31 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 15:45:31 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 15:45:31 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
...
second extract:
...
(GET /index.php/login/?_task=login&_action=oauth)
[06-Feb-2025 15:45:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/?_task=login&_action=oauth)
[06-Feb-2025 15:45:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/?_task=login&_action=oauth)
[06-Feb-2025 15:45:36 +0100]: <eu1aj793> PHP Error: https://mail.node1.myfirstmaildomain.tld/index.php/login/index.php/login/oauth (GET /index.php/login/?_task=login&_action=oauth)
[06-Feb-2025 15:45:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/index.php/login/oauth?state=iSOtpJAHsXK7&session_state=356657db-86aa-4b4e-af4f-3fb1b6e1f050&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=71bd6ed2-ee19-4067-95fd-b4f155954904.356657db-86aa-4b4e-af4f-3fb1b6e1f050.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 15:45:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/index.php/login/oauth?state=iSOtpJAHsXK7&session_state=356657db-86aa-4b4e-af4f-3fb1b6e1f050&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=71bd6ed2-ee19-4067-95fd-b4f155954904.356657db-86aa-4b4e-af4f-3fb1b6e1f050.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 15:45:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/index.php/login/oauth?state=iSOtpJAHsXK7&session_state=356657db-86aa-4b4e-af4f-3fb1b6e1f050&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=71bd6ed2-ee19-4067-95fd-b4f155954904.356657db-86aa-4b4e-af4f-3fb1b6e1f050.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 15:45:36 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/index.php/login/oauth?state=iSOtpJAHsXK7&session_state=356657db-86aa-4b4e-af4f-3fb1b6e1f050&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=71bd6ed2-ee19-4067-95fd-b4f155954904.356657db-86aa-4b4e-af4f-3fb1b6e1f050.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 15:45:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/password/config.inc.php - true (GET /index.php/login/index.php/login/oauth?state=iSOtpJAHsXK7&session_state=356657db-86aa-4b4e-af4f-3fb1b6e1f050&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=71bd6ed2-ee19-4067-95fd-b4f155954904.356657db-86aa-4b4e-af4f-3fb1b6e1f050.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 15:45:36 +0100]: <eu1aj793> PHP Error: /var/lib/roundcube/plugins/jqueryui/config.inc.php - true (GET /index.php/login/index.php/login/oauth?state=iSOtpJAHsXK7&session_state=356657db-86aa-4b4e-af4f-3fb1b6e1f050&iss=https%3A%2F%2Fsso.node1.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=71bd6ed2-ee19-4067-95fd-b4f155954904.356657db-86aa-4b4e-af4f-3fb1b6e1f050.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 15:45:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/index.php/login/skins/mylarrybasedskin/ui.min.js?s=1689092804)
[06-Feb-2025 15:45:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/index.php/login/skins/mylarrybasedskin/ui.min.js?s=1689092804)
[06-Feb-2025 15:45:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/index.php/login/skins/mylarrybasedskin/ui.min.js?s=1689092804)
[06-Feb-2025 15:45:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/index.php/login/program/js/common.min.js?s=1725175896)
[06-Feb-2025 15:45:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/index.php/login/program/js/common.min.js?s=1725175896)
[06-Feb-2025 15:45:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/index.php/login/program/js/app.min.js?s=1725175896)
[06-Feb-2025 15:45:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/index.php/login/program/js/common.min.js?s=1725175896)
[06-Feb-2025 15:45:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/index.php/login/program/js/app.min.js?s=1725175896)
[06-Feb-2025 15:45:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/index.php/login/program/js/app.min.js?s=1725175896)
[06-Feb-2025 15:45:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 15:45:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 15:45:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/index.php/login/skins/mylarrybasedskin/styles.min.css?s=1737731252)
[06-Feb-2025 15:45:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/index.php/login/skins/mylarrybasedskin/plugins/jqueryui/jquery-ui.min.css?s=1689092804)
[06-Feb-2025 15:45:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/index.php/login/skins/mylarrybasedskin/plugins/jqueryui/jquery-ui.min.css?s=1689092804)
[06-Feb-2025 15:45:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/index.php/login/skins/mylarrybasedskin/plugins/jqueryui/jquery-ui.min.css?s=1689092804)
[06-Feb-2025 15:45:36 +0100]: PHP Error: defaults.inc.php - true (GET /index.php/login/index.php/login/program/js/jquery.min.js?s=1555656720)
[06-Feb-2025 15:45:36 +0100]: PHP Error: config.inc.php - true (GET /index.php/login/index.php/login/program/js/jquery.min.js?s=1555656720)
[06-Feb-2025 15:45:36 +0100]: PHP Error: myfirstmaildomain_tld_node1_conf.inc.php - true (GET /index.php/login/index.php/login/program/js/jquery.min.js?s=1555656720)
[06-Feb-2025 15:45:36 +0100]: <eu1aj793> PHP Error: Array
(
[provider] => generic
[auth_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/auth
[token_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token
[client_id] => MyKeycloak-MailclientID
[client_secret] => eotZzGsxSiddaaE1QIRM18BHE3b0VQaJ
[identity_uri] => https://sso.node1.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/userinfo
[identity_fields] => Array
(
[0] => openid
[1] => username
)
[scope] => openid email profile roles
[verify_peer] => 1
[auth_parameters] => Array
(
)
[login_redirect] =>
)
(GET /index.php/login/index.php/login/skins/mylarrybasedskin/ui.min.js?s=1689092804)
...
Seems it multiplies index.php/login somewhere..??
I agree the duplicate /index.php/login is likely the problem. Can you make a test file with the following and post the results?
<?php
echo 'REDIRECT_SCRIPT_URL: '. $_SERVER['REDIRECT_SCRIPT_URL'] .'<br />';
echo 'SCRIPT_NAME: '. $_SERVER['SCRIPT_NAME'] .'<br />';
echo 'REQUEST_URI: '. $_SERVER['REQUEST_URI'] .'<br />';
Result of the testfile:
REDIRECT_SCRIPT_URL:
SCRIPT_NAME: /serverinfo3.php
REQUEST_URI: /serverinfo3.php
Seems ok,but i found out that on another node where i changed the config according to the efforts we made here doen´t make such troble...guess in my tries to fix the problem somewhere an error sneakd into the code ... now i get on another node (maildomains are loadbalanced via an apache reverse proxy and this works!) jut a hint that told me to upgrade my dovecot as the newer version 2.3.21 instead of 2.3.7.2) supports more oauth options and these ways better than the older version...but i try this tomorrow as jobtime is over for today (18:27 CET here now, starting tormorrow at 9:00 again).. :-)
Error.log from the other node actually adopted to Multidomain configuration and oauth used in the first Maildomain (but without the small amount of debug-settings):
[06-Feb-2025 17:26:00 +0100]: <2ktbfcnh> PHP Error: OAuth token request failed: Client error: `POST https://sso.node2.mykeycloakdomain.tld:8443/realms/MySSORealm/protocol/openid-connect/token` resulted in a `400 Bad Request` response:
{"error":"invalid_grant","error_description":"Code not valid"}
; cznode1 GuzzleHttp/7 - [06/Feb/2025:17:26:00 +0100] "POST /realms/MySSORealm/protocol/openid-connect/token HTTP/1.1" 400 62 in /var/lib/roundcube/program/include/rcmail_oauth.php on line 321 (GET /index.php/login/oauth?state=6uM1IWeopmAI&session_state=b0941ada-c8f9-4043-8c03-dbd93a267a9b&iss=https%3A%2F%2Fsso.node2.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=dd93c1f0-c7b5-4c47-bc82-48aaa132f3ad.b0941ada-c8f9-4043-8c03-dbd93a267a9b.cdd15124-a187-42b4-99f4-3e68801fe39a)
[06-Feb-2025 17:26:04 +0100]: <2ktbfcnh> IMAP Error: Login failed for [email protected] against node2.myfirstmaildomain.tld from 78.48.241.104. AUTHENTICATE XOAUTH2: A0002 NO [AUTHENTICATIONFAILED] Authentication failed. in /var/lib/roundcube/program/lib/Roundcube/rcube_imap.php on line 211 (GET /index.php/login/oauth?state=3fGfhdkRCo95&session_state=b0941ada-c8f9-4043-8c03-dbd93a267a9b&iss=https%3A%2F%2Fsso.node2.mykeycloakdomain.tld%3A8443%2Frealms%2FMySSORealm&code=c551cbbe-c2de-4c80-b2c1-050b07353f66.b0941ada-c8f9-4043-8c03-dbd93a267a9b.cdd15124-a187-42b4-99f4-3e68801fe39a)