Product: PowerShell Universal
Version: 4.0.12
Hi all.
My first post here, please treat me kindly 
I am setting up OpenID Connect authentication and authorization in my psu environment. Authentication went smooth, no big problems there, but now I’m trying to use my AD groups as an attribute in the Oauth2 userinfo for roles assignment and suddenly everything crashes when I try to log in. After some fiddling I suspect that psu doesn’t handle attributes long enough. My idp concatenates all my groups into one string so this particular attribute is almost 3000 characters in length. Can anyone verify that this might be the problem? And is there any way if so of increasing the limit? Or any other way to get around this problem?
I’ll paste the relevant part of my system log below in case it says anything. I think it’s kinda vague on what’s the problem:
2023-09-13 11:32:46.559 +02:00 [INF] Request starting HTTP/2 GET https://<OBFUSCATED>/ - -
2023-09-13 11:32:46.559 +02:00 [VRB] All hosts are allowed.
2023-09-13 11:32:46.559 +02:00 [VRB] This request accepts compression.
2023-09-13 11:32:46.559 +02:00 [VRB] Performing protect operation to key {8a65e556-5c21-460f-8cc3-170a2845b632} with purposes ('C:\Program Files (x86)\Universal\', 'SessionMiddleware').
2023-09-13 11:32:46.559 +02:00 [DBG] The request path / does not match a supported file type
2023-09-13 11:32:46.559 +02:00 [DBG] The request path does not match the path filter
2023-09-13 11:32:46.559 +02:00 [DBG] Request did not match any endpoints
2023-09-13 11:32:46.564 +02:00 [VRB] Performing protect operation to key {8a65e556-5c21-460f-8cc3-170a2845b632} with purposes ('C:\Program Files (x86)\Universal\', 'Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler', 'System.String', 'OpenIdConnect', 'v1').
2023-09-13 11:32:46.564 +02:00 [VRB] Performing protect operation to key {8a65e556-5c21-460f-8cc3-170a2845b632} with purposes ('C:\Program Files (x86)\Universal\', 'Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler', 'OpenIdConnect', 'v1').
2023-09-13 11:32:46.564 +02:00 [INF] Request finished HTTP/2 GET https://<OBFUSCATED>/ - - - 302 0 - 5.1100ms2023-09-13 11:32:57.788 +02:00 [INF] Request starting HTTP/2 GET https://<OBFUSCATED>/auth/signin-oidc?error_description=the+server+encountered+an+unexpected+error&state=CfDJ8FblZYohXA9GjMMXCihFtjJVlSMMQBodSAtgJqdYSw7NGE0pNkn_uL6vFiszZVkSYUDKTfeY4mwmdqZ37HvUv2jKyv9ATMAl6sEJkUrb3RB9Kwm-kQJiWntEY0ugnfG-3asxPxeWFcDPs6YFJE8bzWmqV1MAoJBDf0g2CMkNCCOJciUnLAghGRAQTYGNdBtcEMR31Up1BXeu3cq3pVIslrJ0PUU0Z8r1253bADoDrk31_tIVLxIWtZzEw4f0uIttAqe8_xY8HyFbqcyU0C4tPQQutj2Z8eMb3R3tT58D2YuXFapNW0KaN-17XL1N5OTeWSWT7mr8PXS5fVueBHpO0D6VhfVS-H1dgeQcwhqiMBi5JxSoBPeIp9dvPCZ8sSMvDw&error=server_error - -
2023-09-13 11:32:57.788 +02:00 [VRB] All hosts are allowed.
2023-09-13 11:32:57.789 +02:00 [VRB] Performing unprotect operation to key {8a65e556-5c21-460f-8cc3-170a2845b632} with purposes ('C:\Program Files (x86)\Universal\', 'Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler', 'OpenIdConnect', 'v1').
2023-09-13 11:32:57.789 +02:00 [ERR] Connection id "0HMTJCELR3K2I", Request id "0HMTJCELR3K2I:00000003": An unhandled exception was thrown by the application.
System.Exception: An error was encountered while handling the remote login.
---> Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectProtocolException: Message contains error: 'server_error', error_description: 'the server encountered an unexpected error', error_uri: 'error_uri is null'.
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)
2023-09-13 11:32:57.790 +02:00 [INF] Request finished HTTP/2 GET https://<OBFUSCATED>/auth/signin-oidc?error_description=the+server+encountered+an+unexpected+error&state=CfDJ8FblZYohXA9GjMMXCihFtjJVlSMMQBodSAtgJqdYSw7NGE0pNkn_uL6vFiszZVkSYUDKTfeY4mwmdqZ37HvUv2jKyv9ATMAl6sEJkUrb3RB9Kwm-kQJiWntEY0ugnfG-3asxPxeWFcDPs6YFJE8bzWmqV1MAoJBDf0g2CMkNCCOJciUnLAghGRAQTYGNdBtcEMR31Up1BXeu3cq3pVIslrJ0PUU0Z8r1253bADoDrk31_tIVLxIWtZzEw4f0uIttAqe8_xY8HyFbqcyU0C4tPQQutj2Z8eMb3R3tT58D2YuXFapNW0KaN-17XL1N5OTeWSWT7mr8PXS5fVueBHpO0D6VhfVS-H1dgeQcwhqiMBi5JxSoBPeIp9dvPCZ8sSMvDw&error=server_error - - - 500 0 - 1.4839ms