Wiki.JS authentication with Azure AD B2C (Generic OpenID Connect)


I am trying to configure Wiki.js to work with my Azure AD B2C authentication. My Wiki.js version is 2.5.296.

To achieve this, I am using the "Generic OpenID Connect / OAuth2" authentication option on the Wiki.js side.

This does not work. After signing in with this option, I receive a message stating "Invalid email/ username or password" from Wiki.js.

As far as I can see, I have configured everything correctly from the Wiki.js side, with all of the "standard" OpenID Connect endpoints in the right place.

Note: To achieve this in Azure AD B2C I had to use a custom policy to set up a new "UserInfo" endpoint. I have tested this endpoint using Azure AD B2C and Postman (to obtain the UserInfo) and it all works. I have also verified that I am returning the "email" claim (which Wiki.js is expecting):

Email claim in Wiki.js

I can't seem to find any logs in Wiki.js which could suggest what is wrong.

My question is: How to proceed?

Is there a way I can get any extra logs out of Wiki.js? Should I consider checking out the Wiki.js source code and debugging? Has anyone any experience of integrating with a generic OpenID Connect provider with Wiki.js?


There is 1 best solution below


I decided to clone the GitHub repository and debug through the Wiki.js code. The developer documentation is very good and it was easy to get things up and running, especially using developer containers in VS Code.

For more info see: https://docs.requarks.io/dev

In this way, I was able to get more detail from the error messages which were coming from the underlying authentication library that Wiki.js uses: "passport-openidconnect" in my case.

The first message was that my issuer was invalid - which it was! I was missing a trailing forward slash.

After fixing this I have hit another error from the auth library: The UserInfo endpoint is returning 401. I haven't fixed this particular problem yet but at least I have something to investigate now.
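
The issuer mismatch described in the answer above can be checked offline before touching the Wiki.js configuration. This is an added example, not part of the original post and not Wiki.js or passport-openidconnect code: it compares a configured issuer against the `issuer` field of a discovery document and the `iss` claim of an ID token, using exact string comparison as OpenID Connect requires. The issuer URL, tenant name and token are constructed placeholders, and the function names are hypothetical.

```javascript
// Added example: diagnose an OIDC issuer mismatch (e.g. a missing trailing slash).
// All URLs, tenant names and tokens here are constructed placeholders.

// Decode a JWT payload WITHOUT verifying the signature.
// For diagnosis only; never use this result to authenticate anyone.
function decodeJwtPayload(jwt) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// OIDC compares issuers as exact strings, so classify how two values differ.
function diagnoseIssuer(configured, actual) {
  if (configured === actual) return 'match';
  const strip = (s) => s.replace(/\/+$/, '');
  if (strip(configured) === strip(actual)) return 'trailing-slash';
  if (configured.toLowerCase() === actual.toLowerCase()) return 'case';
  return 'different';
}

// Compare the configured issuer with both places the provider states its own.
function checkIssuerConfig(configuredIssuer, discoveryDoc, idToken) {
  return {
    discovery: diagnoseIssuer(configuredIssuer, discoveryDoc.issuer),
    idToken: diagnoseIssuer(configuredIssuer, decodeJwtPayload(idToken).iss),
  };
}

// --- constructed sample data ---
const toB64Url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const SAMPLE_ISSUER = 'https://idp.example/placeholder-tenant/v2.0/';
const sampleDiscovery = { issuer: SAMPLE_ISSUER };
const sampleIdToken = [
  toB64Url({ alg: 'none' }),
  toB64Url({ iss: SAMPLE_ISSUER, email: 'user@example.com' }),
  'constructed-signature',
].join('.');

// Configured value lacks the trailing slash, as in the answer above.
console.log(checkIssuerConfig('https://idp.example/placeholder-tenant/v2.0',
  sampleDiscovery, sampleIdToken));
```

A result other than `match` on either field means the value entered in the client configuration must be changed to the provider's exact string, not the other way round.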