We re trying to integrate SSO for sonar with OpenID Connect which we are facing this error

Fail to callback authentication with 'oidc'
java.lang.IllegalStateException: Token request failed: No error code returned (identity provider not reachable - check network proxy setting 'http.nonProxyHosts' in 'sonar.properties'

2023.11.22 11:47:34 WARN  web[AYv1rIVzfZw0PIAlAAAS][o.s.s.a.AuthenticationError] Fail to callback authentication with 'oidc'
java.lang.IllegalStateException: Token request failed: No error code returned (identity provider not reachable - check network proxy setting 'http.nonProxyHosts' in 'sonar.properties')
        at org.vaulttec.sonarqube.auth.oidc.OidcClient.getUserInfo(OidcClient.java:127)

but in samw web.log this warn also we see -
2023.11.22 11:46:27 WARN web[][o.s.s.a.LogOAuthWarning] For security reasons, OAuth authentication should use HTTPS. You should set the property 'Administration > Configuration > Server base URL' to a HTTPS URL.

Hi,

Welcome to the community!

I think this is your problem.

 
Ann

Hai Ann, How do you do ?

Yes I am trying to configure SSO - with openID Connect in sonar we face this error and How to resolve this issue. I can share all the configurations related to openID Connect below are the configurations I did.

Sonarqube is hosted in onprem with http only not https. And our interna IdP application also supports http only.

sonar.property file entries below alone enabled.

sonar.core.serverBaseURL=http://172.16.24.38:9000
#sonar.core.serverBaseURL=http://sonarqube.intellectdesign.com:9000
sonar.forceAuthentication=true

Issuer URI - http://172.16.102.217:10002/arx-sso/oauth/

Client ID - 0lUO7BjG3Wy5oMg4GhDu

Secret - ***********************************

Scopes - openid

ID token signature algorithm - RS256

Login generation strategy - Preferred username

Login strategy custom claim - upn

Groups claim name - groups

Icon path - /static/authoidc/openid.svg

Login button text - Open ID Connect.

access.log