'How to integrate Synapse Matrix SSO (OpenID) with ADFS

I'm trying to integrate Synapse Matrix with ADFS via SSO (Open ID Connect). I run Synapse with ansible playbook which is available at https://github.com/spantaleev/matrix-docker-ansible-deploy. I'm trying with config as below:

matrix_synapse_configuration_extension_yaml: |
  suppress_key_server_warning: true
  oidc_providers:
    - idp_id: adfs
      idp_name: "ADFS"
      discover: false
      issuer: "https://example.domain/adfs/"
      client_id: "XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
      client_secret: "XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
      #client_auth_method: client_secret_post
      scopes: ["openid", "profile"]
      authorization_endpoint: "https://adfs.example.domain/adfs/auth"
      token_endpoint: "https://adfs.example.domain/adfs/token"
      userinfo_endpoint: "https://adfs.example.domain/adfs/userinfo"
      jwks_uri: "https://adfs.example.domain/adfs/discovery/keys"
      skip_verification: true
      user_mapping_provider:
          config:
              localpart_template: "{% raw %}{{ user.cn }}{% endraw %}"
              display_name_template: "{% raw %}{{ user.displayName }}{% endraw %}"

I receive on 503 error:

Feb 11 00:24:08 synspse-virtual-machine matrix-synapse[107809]: 2022-02-11 08:24:08,353 - synapse.app._base - 243 - CRITICAL - sentinel - Error during startup
Feb 11 00:24:08 synspse-virtual-machine matrix-synapse[107809]: Traceback (most recent call last):
Feb 11 00:24:08 synspse-virtual-machine matrix-synapse[107809]:   File "/usr/local/lib/python3.8/site-packages/synapse/handlers/oidc.py", line 121, in load_metadata
Feb 11 00:24:08 synspse-virtual-machine matrix-synapse[107809]:     await p.load_jwks()
Feb 11 00:24:08 synspse-virtual-machine matrix-synapse[107809]:   File "/usr/local/lib/python3.8/site-packages/synapse/handlers/oidc.py", line 499, in load_jwks
Feb 11 00:24:08 synspse-virtual-machine matrix-synapse[107809]:     return await self._jwks.get()
Feb 11 00:24:08 synspse-virtual-machine matrix-synapse[107809]:   File "/usr/local/lib/python3.8/site-packages/synapse/util/caches/cached_call.py", line 136, in get
Feb 11 00:24:08 synspse-virtual-machine matrix-synapse[107809]:     return await self._cachedcall.get()

I have connection between matrix server and adfs (ICMP works well).

Have anyone example config with ADFS integration for Synapse?

pythonmatrix-synapse


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

pip issue installing almost any library

pip issue installing almost any library

pip issue installing almost any library

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

A simple SMTP server (in Python)

How to specify which pytorch to import, if I have two different versions installed?

How to specify which pytorch to import, if I have two different versions installed?

A simple SMTP server (in Python)

Python: get all months in range?

Python: get all months in range?

Python: get all months in range?

How to specify which pytorch to import, if I have two different versions installed?