๐ Bug Fix Release
Fixed
- OIDC Authentication: Fixed callback URL path construction that was causing authentication failures with strict OIDC providers like Authentik (#208)
- The callback handler was using
req.pathwhich only returned the route-relative path (/oidc/callback) instead of the full mounted path (/api/auth/oidc/callback) - This caused redirect URI validation failures resulting in
invalid_clienterrors - Now correctly uses
req.baseUrl + req.pathto construct the complete callback URL
- The callback handler was using
Affected Users
This fix is critical for users authenticating with OIDC providers that enforce strict redirect URI matching (e.g., Authentik, Keycloak with strict mode).
Upgrade Notes
No configuration changes required. Simply update to v2.5.1 and OIDC authentication will work correctly.
Docker Image
docker pull ghcr.io/yeraze/meshmonitor:v2.5.1
# or
docker pull ghcr.io/yeraze/meshmonitor:latestTesting
- โ All system tests pass
- โ OIDC integration tests pass
- โ Verified with Authentik (strict redirect URI matching)
๐ค Generated with Claude Code
๐ MeshMonitor v2.5.1
๐ฆ Installation
Docker (recommended):
docker run -d \
--name meshmonitor \
-p 8080:3001 \
-v meshmonitor-data:/data \
ghcr.io/Yeraze/meshmonitor:v2.5.1๐งช Testing
โ
All tests passed
โ
TypeScript checks passed
โ
Docker images built for linux/amd64, linux/arm64, linux/arm/v7
๐ Changes
See commit history for detailed changes.