OIDC callback fails with TypeError: verified is not a function #7303

@szymonsypula

Description

After a successful Azure AD B2C sign‑in (authorization code + state returned), MeshCentral errors during /auth-oidc-callback with:

WEBREQUEST: (10.x.x.x) /auth-oidc-callback?state=...&code=...
ERR: TypeError: verified is not a function
    at OpenIDConnectStrategy.oidcCallback [as _verify] (/opt/meshcentral/node_modules/meshcentral/webserver.js:8091:28)
    at /opt/meshcentral/node_modules/openid-client/lib/passport_strategy.js:189:10

This prevents completing the login and results in HTTP 500.

To Reproduce
Steps to reproduce the behavior:

  1. Navigate to https://mesh.example.com/ and select Login with OIDC.
  2. Authenticate successfully at Azure AD B2C (user sees the B2C page, MFA, etc.).
  3. B2C redirects back to: https://mesh.example.com/auth-oidc-callback?state=<...>&code=<...>
  4. MeshCentral responds with HTTP 500.

Expected behavior
Expected: MeshCentral exchanges the code for tokens, creates/locates the user, and signs in.
Actual: MeshCentral throws an exception inside the OIDC callback and returns HTTP 500.

MeshCentral: v1.1.51
OS - Ubuntu
openid-client: 5.7.1
(npm ls openid-client → openid-client@5.7.1)
Node.js: v18.19.1
OS / Deployment: Linux, systemd service
Reverse proxy / TLS: Azure Application Gateway (TLS offload) WAN
IdP: Azure AD B2C (policy: B2C_1A_TEST-MESHCENTRAL)

Additional context
What we’ve already tried

Upgraded MeshCentral to v1.1.51 (latest at time of testing).
Ensured openid-client@5.7.1 (correct major for MeshCentral’s Passport integration).
Verified config structure matches the MeshCentral OIDC guide (scope in custom, code flow, exact callback URI).
Cleared browser cache / fresh session.

Your config.json file


  "domains": {
    "": {
      "authStrategies": {
        "oidc": {
          "issuer": "https://b2c-tenant.examplelogin.com/tenant.example.com/B2C_1A_TEST-MESHCENTRAL/v2.0/",
          "client": {
            "client_id": "********-****-****-****-************",
            "client_secret": "****************",
            "redirect_uri": "https://mesh.example.com/auth-oidc-callback",
            "post_logout_redirect_uri": "https://mesh.example.com/login",
            "token_endpoint_auth_method": "client_secret_post"
          },
          "custom": {
            "scope": "openid profile email",
            "response_type": "code"
          },
          "newAccounts": true
        }
      }
    }
  }
