Erroneous OIDC Endpoint URLs

[j0hax]

Describe the bug
The new OIDC SSO feature displays the wrong URLs in our installation; A /oidc/ path is missing from the URL in both the Web Interface as well as .well-known, leading to confusion for administrators and breaking auto-discovery.

To Reproduce
Steps to reproduce the behavior:

1. Follow the SSO Documentation
2. Get HTTP 404 Errors when /oidc/ is missing.

Expected behavior
Admidio communicates the correct behavoirs.

Screenshots

Here is an example from our productive installation:

The displayed URL

https://intern.avfrisia.de/modules/sso/index.php/.well-known/openid-configuration

is wrong, in reality it should be

https://intern.avfrisia.de/modules/sso/index.php/oidc/.well-known/openid-configuration

Note that in the working JSON response, the /oidc/ part is also missing, which breaks auto-discovery, e.g. Nextcloud.

System (please complete the following information):

• Admidio-Version 5.0.0
• PHP 8.4
• Database MySQL
• Browser Firefox
• Browser-Version 145

[j0hax]

After further digging, I believe the culprit is

admidio/src/SSO/Service/OIDCService.php

Line 97 in b34bbb4

$this->issuerURL = $gSettingsManager->get('sso_oidc_issuer_url') ?: ADMIDIO_URL;

By commenting out line 97, Admidio correctly computes issuerURL every time for our instance.

Is this a misconfiguration on our end or still a bug? I would expect OIDC to work out of the box without having to create a custom .well-known file.