OpenID Provider AuthURL Fails with Trailing Slash

[bannert1337]

Description

When configuring an OpenID provider, the authurl field fails if it includes a trailing slash. The OIDC issuer validation expects the provided URL to exactly match the issuer returned by the provider, but the provider's issuer URL often omits trailing slashes.

Expected behavior:
Vikunja's OpenID configuration should correctly handle authurl values regardless of a trailing slash, either by normalizing the URL before validation or by performing a case-insensitive/trailing-slash-agnostic comparison for the issuer.

Current behavior:
The following authurl fails: https://auth.example.com/
The following authurl works: https://auth.example.com

Error message:

level=ERROR msg="Error while getting openid provider zitadel: oidc: issuer did not match the issuer returned by provider, expected \"https://auth.example.com/\" got \"https://auth.example.com\""

Vikunja Version

v1.0.0-rc2-8-a1c4d46d

Browser and version

No response

Can you reproduce the bug on the Vikunja demo site?

No

Screenshots

No response

[kolaente]

You need to fix either your openid provider or set the correct issuer url in Vikunja. The error comes from the openid library Vikunja uses and the validation logic is not something we control.