OIDC dump_user_data flag enabled returns [object] and status: 0 not rendered user data JSON #4959

New Issue

OVERLORD · 2026-02-05T09:29:35+03:00

OVERLORD commented

2026-02-05 09:29:35 +03:00

Originally created by @baskoopmans on GitHub (Sep 24, 2024).

Describe the Bug

We are running BookStack version 24.5.4 with OIDC configuration and logging to stder, the OIDC dump user info exception shows no user info only [object] and status: 0, is this to be expected?

Steps to Reproduce

Login with OIDC authentication
Check the logs

Expected Behaviour

Expect some user details to be printed

Screenshots or Additional Context

Configuration:

LOG_CHANNEL=stderr
OIDC_DUMP_USER_DETAILS=true

Example:

Exception
[2024-09-24 12:39:47] production.ERROR: {"exception":"[object] (BookStack\\Exceptions\\JsonDebugException(code: 0): at /var/www/bookstack/app/Access/Oidc/OidcService.php:191)
[stacktrace]

GET request
[24/Sep/2024:12:39:46 +0000] "GET /oidc/callback?code=0.<token>&state=<state>&session_state=<session> HTTP/1.1" 200 5869 "https://login.microsoftonline.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36"

Browser Details

Chrome 128 (64-bit) on Windows 10

Exact BookStack Version

v24.5.4

Originally created by @baskoopmans on GitHub (Sep 24, 2024). ### Describe the Bug We are running BookStack version 24.5.4 with OIDC configuration and logging to stder, the OIDC dump user info exception shows no user info only [object] and status: 0, is this to be expected? ### Steps to Reproduce - Login with OIDC authentication - Check the logs ### Expected Behaviour Expect some user details to be printed ### Screenshots or Additional Context Configuration: ``` LOG_CHANNEL=stderr OIDC_DUMP_USER_DETAILS=true ``` Example: **Exception** ` [2024-09-24 12:39:47] production.ERROR: {"exception":"[object] (BookStack\\Exceptions\\JsonDebugException(code: 0): at /var/www/bookstack/app/Access/Oidc/OidcService.php:191) ` ` [stacktrace] ` **GET request** ` [24/Sep/2024:12:39:46 +0000] "GET /oidc/callback?code=0.<token>&state=<state>&session_state=<session> HTTP/1.1" 200 5869 "https://login.microsoftonline.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36" ` ### Browser Details Chrome 128 (64-bit) on Windows 10 ### Exact BookStack Version v24.5.4

OVERLORD added the 🐛 Bug label 2026-02-05 09:29:35 +03:00

OVERLORD closed this issue

2026-02-05 09:29:36 +03:00

OVERLORD commented

2026-02-05 09:29:38 +03:00

@ssddanbrown commented on GitHub (Sep 24, 2024):

Hi @baskoopmans,
That debug option dumps to the browser during the login process, rather than the app error log.

@ssddanbrown commented on GitHub (Sep 24, 2024): Hi @baskoopmans, That debug option dumps to the browser during the login process, rather than the app error log.

OVERLORD commented

2026-02-05 09:29:41 +03:00

@baskoopmans commented on GitHub (Sep 24, 2024):

Hi Dan, thanks for your quick reply!

Ok good to know :) so the user data is not visible in the server logs as you state?

I'm still a bit confused, the feature flag does have influence on the exception raised on line 191?
3a058a6e34/app/Access/Oidc/OidcService.php (L191)

In combination with enabling the raise of the exception
3a058a6e34/app/Config/oidc.php (L9)

If $idToken->getAllClaims() returns status: 0 and the [object] what would it mean?

I'm trying to get some extra information about the logged in user server side in order to see why the groups are not correctly matched

@baskoopmans commented on GitHub (Sep 24, 2024): Hi Dan, thanks for your quick reply! Ok good to know :) so the user data is not visible in the server logs as you state? I'm still a bit confused, the feature flag does have influence on the exception raised on line 191? https://github.com/BookStackApp/BookStack/blob/3a058a6e349db0456c294fc47e5537a0fd73ecd0/app/Access/Oidc/OidcService.php#L191 In combination with enabling the raise of the exception https://github.com/BookStackApp/BookStack/blob/3a058a6e349db0456c294fc47e5537a0fd73ecd0/app/Config/oidc.php#L9 If $idToken->getAllClaims() returns status: 0 and the [object] what would it mean? I'm trying to get some extra information about the logged in user server side in order to see why the groups are not correctly matched

OVERLORD commented

2026-02-05 09:29:45 +03:00

@ssddanbrown commented on GitHub (Sep 24, 2024):

@baskoopmans

the feature flag does have influence on the exception raised on line 191?
If $idToken->getAllClaims() returns status: 0 and the [object] what would it mean?

A custom exception is thrown here to allow us to catch this and show the token data (passed into the exception) as a response.
$idToken->getAllClaims() is not returning status 0, that's just the default code for a php exception. The [object] just refers to the error object itself.

If you really needed a back-end way to log the data, you could setup our the logical theme system then use the following function.php theme file to log the data during the login process:

<?php

use BookStack\Theming\ThemeEvents;
use BookStack\Facades\Theme;
use Illuminate\Support\Facades\Log;

Theme::listen(ThemeEvents::OIDC_ID_TOKEN_PRE_VALIDATE, function (array $idTokenData, array $accessTokenData) {
    $logMessage = "OIDC login ID token data: " . json_encode($idTokenData);
    Log::info($logMessage);
});

@ssddanbrown commented on GitHub (Sep 24, 2024): @baskoopmans > the feature flag does have influence on the exception raised on line 191? > If $idToken->getAllClaims() returns status: 0 and the [object] what would it mean? A custom exception is thrown here to allow us to catch this and show the token data (passed into the exception) as a response. `$idToken->getAllClaims()` is not returning status 0, that's just the default code for a php exception. The `[object]` just refers to the error object itself. If you really needed a back-end way to log the data, you could setup our the [logical theme system](https://github.com/BookStackApp/BookStack/blob/development/dev/docs/logical-theme-system.md#getting-started) then use the following `function.php` theme file to log the data during the login process: ```php <?php use BookStack\Theming\ThemeEvents; use BookStack\Facades\Theme; use Illuminate\Support\Facades\Log; Theme::listen(ThemeEvents::OIDC_ID_TOKEN_PRE_VALIDATE, function (array $idTokenData, array $accessTokenData) { $logMessage = "OIDC login ID token data: " . json_encode($idTokenData); Log::info($logMessage); }); ```

OVERLORD commented

2026-02-05 09:29:48 +03:00

@ssddanbrown commented on GitHub (Oct 14, 2024):

Since there's been no further follow up I'll go ahead and close this off.
Feel free to still comment if you need guidance on the above.

Thanks once again for your continued sponsorship btw!

@ssddanbrown commented on GitHub (Oct 14, 2024): Since there's been no further follow up I'll go ahead and close this off. Feel free to still comment if you need guidance on the above. Thanks once again for your continued sponsorship btw!

OVERLORD commented

2026-02-05 09:29:50 +03:00

@baskoopmans commented on GitHub (Jan 17, 2025):

Sorry for not following up quickly, this worked perfectly thanks!

@baskoopmans commented on GitHub (Jan 17, 2025): Sorry for not following up quickly, this worked perfectly thanks!

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#4959