Description
Hi
When i am trying to protect the server (instead of location) with OIDC RP reference implementation , login flow is not kicking off. It works fine if we have the following defined in the location block works fine as mentioned in the reference implementation
error_page 401 = @do_oidc_flow;
auth_jwt "authz" token=$session_jwt;
auth_jwt_key_request /_jwks_uri; # Enable when using filename
Since the auth_jwt is defined in the server block , the named location is also being protected . I was directed to use
auth_jwt off;
in the openid_connect.server_conf
Can we fix the openid_connect.server_conf to have the same ? though the reference implementation doesn't have this challenge, it would helpful if anyone wanted to protect the whole server to with the given config.