Hello,
I am using MediaWiki version 1.27.1 with the OpenID Connect extension detailed at
https://www.mediawiki.org/wiki/Extension:OpenID_Connect
I have configured the extension and when I click on "Log in" I am taken to
https://myserver.org/w/index.php?title=Special:UserLogin&returnto=My+Tes...
There I click on "Log in with PluggableAuth" and I am redirected to the OIDC OP as I expect.
I noticed, however, that when the extension computes the redirect_uri parameter that it includes when it redirects the browser to the OP it is
redirect_url=https%3A%2F%2Fmyserver.org%2Fw%2Findex.php
That surprises me. I would have thought that the redirect_uri would be to a page where MediaWiki can consume the authorization code that is returned by the OP.
After I authenticate with the OP it redirects the browser back to the redirect_uri with an authorization code and the correct state but then MediaWiki just returns a '200 OK' and the main page of the wiki.
It naively appears to me that the redirect_uri being sent to the OP is not correct, but I do not see a way to configure the extension to override it, and I would not know what value to use.
I appreciate any input people have on what I might be doing wrong, or how I can further troubleshoot.
Thanks,
Scott K
mediawiki-l@lists.wikimedia.org