Hello! I'm using dovecot with keycloak for oauth authentication. My config is:
client_id = dovecot client_secret = MY_SECRET introspection_url = https://MY_KEYCLOAK/realms/master/protocol/openid-connect/token/introspect introspection_mode = post pass_attrs = pass=%{oauth2:access_token}
Everything worked great on version 2.3.20. After upgrading to version 2.3.21.1 oauth stopped working with errors:
auth: Debug: http-client: conn [::1]:443 [1]: Got 401 response for request [Req1: POST https://MY_KEYCLOAK/realms/master/protocol/openid-connect/token/introspect]: Unauthorized (took 5 ms + >Aug 16 00:23:58 auth: Error: oauth2(MY_EMAIL,127.0.0.1,<HADwdb8f+PN/AAAB>): oauth2 failed: Introspection failed: No username returned
I tried all combination of configurations, debugging and versions of keycloak. Seems something was broken in this version of dovecot.