I get the following error messages from the Apache mod_auth_openidc module when trying to get an access token after successful authorization during the authorization code grant flow:
[Fri Aug 02 09:19:55.682417 2024] [auth_openidc:debug] [pid 46548:tid 140693632694016] src/util.c(818): [client 10.143.241.138:25147] oidc_util_http_call: url=https://mysubtenant.mycompany.auth0app.com/oauth/token, data=grant_type=authorization_code&code=D_q7y3AniNUJ81bM4aSdbCIHSwN2OjLBSMLjJvmxspbkc&redirect_uri=https%3A%2F%2Fapache-linux-qa.mytest.mycompany.cloud%2FMyTestApp%2Fredirect_uri&client_id=MyClientID&client_secret=MyClientSecret, content_type=application/x-www-form-urlencoded, basic_auth=null, bearer_token=(null), ssl_validate_server=0, timeout=60, outgoing_proxy=(null), pass_cookies=0, ssl_cert=(null), ssl_key=(null), ssl_key_pwd=(null)
[Fri Aug 02 09:19:55.691199 2024] [auth_openidc:error] [pid 46548:tid 140693632694016] [client 10.143.241.138:25147] oidc_util_http_call: curl_easy_perform() failed on: https://mysubtenant.mycompany.auth0app.com/oauth/token ()
[Fri Aug 02 09:19:55.691259 2024] [auth_openidc:warn] [pid 46548:tid 140693632694016] [client 10.143.241.138:25147] oidc_proto_token_endpoint_request: error when calling the token endpoint (https://mysubtenant.mycompany.auth0app.com/oauth/token)
My Apache configuration looks like this:
OIDCProviderIssuer https://mysubtenant.mycompany.auth0app.com
OIDCProviderAuthorizationEndpoint https://mysubtenant.mycompany.auth0app.com/authorize?connection=main-tenant-oidc
OIDCProviderTokenEndpoint https://mysubtenant.mycompany.auth0app.com/oauth/token
OIDCProviderUserInfoEndpoint https://mysubtenant.mycompany.auth0app.com/userinfo
OIDCProviderTokenEndpointAuth client_secret_post
OIDCSSLValidateServer Off
OIDCOAuthSSLValidateServer Off
OIDCClientID MyClientID
OIDCClientSecret MyClientSecret
OIDCCookiePath /MyTestApp/
OIDCRedirectURI https://apache-linux-qa.mytest.mycompany.cloud/MyTestApp/redirect_uri
OIDCScope "openid email profile"
OIDCCryptoPassphrase "MyPassPhrase"
<Location /MyTestApp/>
    AuthType openid-connect
    Require valid-user
    LogLevel debug
</Location>
When I copy the authorization code along with the other parameters from the log file into a Bruno/Postman request, I get a valid access token:
{
  "client_id": "MyClientID",
  "client_secret": "MyClientSecret",
  "redirect_uri": "https://apache-linux-qa.mytest.mycompany.cloud/MyTestApp/redirect_uri",
  "grant_type": "authorization_code",
  "code": "i8phLCzkZ7Sy7Q_PUm1EANRo1WI1Shnn8vdg0MQQXT2LF"
}