nikhilshinday/error_log

## error_log
[Thu Jun 26 16:03:58 2014] [notice] caught SIGTERM, shutting down
[Thu Jun 26 16:03:59 2014] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0
[Thu Jun 26 16:03:59 2014] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jun 26 16:03:59 2014] [notice] Digest: generating secret for digest authentication ...
[Thu Jun 26 16:03:59 2014] [notice] Digest: done
[Thu Jun 26 16:03:59 2014] [warn] oidc_check_config_openid_openidc: the URL scheme (http) of the configured OIDCRedirectURI SHOULD be "https" for security reasons (moreover: some Providers may reject non-HTTPS URLs)
[Thu Jun 26 16:03:59 2014] [notice] Apache/2.2.15 (Unix) DAV/2 mod_ssl/2.2.15 OpenSSL/1.0.1e-fips configured -- resuming normal operations
[Thu Jun 26 16:04:14 2014] [error] [client 10.17.18.66] oidc_restore_proto_state: no "mod_auth_openidc_state" state cookie found
[Thu Jun 26 16:04:14 2014] [error] [client 10.17.18.66] oidc_unsolicited_proto_state: could not parse JWT from state: invalid unsolicited response
[Thu Jun 26 16:04:14 2014] [error] [client 10.17.18.66] oidc_authorization_response_match_state: unable to restore state
[Thu Jun 26 16:04:31 2014] [error] [client 10.17.18.66] oidc_util_http_call: curl_easy_perform() failed on: https://www.googleapis.com/plus/v1/people/me/openIdConnect (Failed to connect to 2607:f8b0:400d:c04::5f: Network is unreachable), referer: http://www.nikhilshinday.com/

## filehierarchy
                 html (root)
        |             |          |
    index[1].html   example  loggedout
                    |            |
                index[2].html  index[3].html


## httpd.conf
#snippet ofhttpd.conf

LoadModule auth_openidc_module modules/mod_auth_openidc.so

OIDCProviderIssuer accounts.google.com
OIDCProviderAuthorizationEndpoint https://accounts.google.com/o/oauth2/auth?
OIDCProviderTokenEndpoint https://accounts.google.com/o/oauth2/token
OIDCProviderTokenEndpointAuth client_secret_post
OIDCProviderUserInfoEndpoint https://www.googleapis.com/plus/v1/people/me/openIdConnect
OIDCProviderJwksUri https://www.googleapis.com/oauth2/v2/certs

OIDCClientID 201421660266-4iligu986sudg2bfv9voh3l9h0jmsb6b.apps.googleusercontent.com
OIDCClientSecret wZAop4U-zovup989RJI5Ed2p

OIDCScope "openid email profile"
OIDCRedirectURI http://www.nikhilshinday.com/example/redirect_uri
OIDCCryptoPassphrase test
OIDCCookiePath /example/

<Location "/example/" >
    AuthType openid-connect
    Require valid-user
</Location>

## index[1].html
<html>
<body>
click <a href="/example">here</a> for OpenID authentication (*hopefully*)
</body>
</html>

## index[2].html
<html>
    <body>
    <a href="/example/redirect_uri?logout=https://www.nikhilshinday.com/loggedout">Logout</a>
  </body>
</html>

## index[3].html
<html>
<body>
    <a href="/">return home</a>
</body>
</html>
	[Thu Jun 26 16:03:58 2014] [notice] caught SIGTERM, shutting down
	[Thu Jun 26 16:03:59 2014] [notice] SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0
	[Thu Jun 26 16:03:59 2014] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
	[Thu Jun 26 16:03:59 2014] [notice] Digest: generating secret for digest authentication ...
	[Thu Jun 26 16:03:59 2014] [notice] Digest: done
	[Thu Jun 26 16:03:59 2014] [warn] oidc_check_config_openid_openidc: the URL scheme (http) of the configured OIDCRedirectURI SHOULD be "https" for security reasons (moreover: some Providers may reject non-HTTPS URLs)
	[Thu Jun 26 16:03:59 2014] [notice] Apache/2.2.15 (Unix) DAV/2 mod_ssl/2.2.15 OpenSSL/1.0.1e-fips configured -- resuming normal operations
	[Thu Jun 26 16:04:14 2014] [error] [client 10.17.18.66] oidc_restore_proto_state: no "mod_auth_openidc_state" state cookie found
	[Thu Jun 26 16:04:14 2014] [error] [client 10.17.18.66] oidc_unsolicited_proto_state: could not parse JWT from state: invalid unsolicited response
	[Thu Jun 26 16:04:14 2014] [error] [client 10.17.18.66] oidc_authorization_response_match_state: unable to restore state
	[Thu Jun 26 16:04:31 2014] [error] [client 10.17.18.66] oidc_util_http_call: curl_easy_perform() failed on: https://www.googleapis.com/plus/v1/people/me/openIdConnect (Failed to connect to 2607:f8b0:400d:c04::5f: Network is unreachable), referer: http://www.nikhilshinday.com/
	html (root)
	\| \| \|
	index[1].html example loggedout
	\| \|
	index[2].html index[3].html
	#snippet ofhttpd.conf

	LoadModule auth_openidc_module modules/mod_auth_openidc.so

	OIDCProviderIssuer accounts.google.com
	OIDCProviderAuthorizationEndpoint https://accounts.google.com/o/oauth2/auth?
	OIDCProviderTokenEndpoint https://accounts.google.com/o/oauth2/token
	OIDCProviderTokenEndpointAuth client_secret_post
	OIDCProviderUserInfoEndpoint https://www.googleapis.com/plus/v1/people/me/openIdConnect
	OIDCProviderJwksUri https://www.googleapis.com/oauth2/v2/certs

	OIDCClientID 201421660266-4iligu986sudg2bfv9voh3l9h0jmsb6b.apps.googleusercontent.com
	OIDCClientSecret wZAop4U-zovup989RJI5Ed2p

	OIDCScope "openid email profile"
	OIDCRedirectURI http://www.nikhilshinday.com/example/redirect_uri
	OIDCCryptoPassphrase test
	OIDCCookiePath /example/

	<Location "/example/" >
	AuthType openid-connect
	Require valid-user
	</Location>
	<html>
	<body>
	click <a href="/example">here</a> for OpenID authentication (hopefully)
	</body>
	</html>
	<html>
	<body>
	<a href="/example/redirect_uri?logout=https://www.nikhilshinday.com/loggedout">Logout</a>
	</body>
	</html>