Affects Version/s: 7.1.X
Component/s: Application Security > OpenID Connect
Authenticating via an OpenID Connect provider redirects the user to localhost:8080. However this is not a valid URL if the application server (Tomcat in this case) has been modified to run the portal in a /portal context (using localhost:8080/portal as the new landing page).
The likely cause of the issue stems from this code: https://github.com/liferay/liferay-portal/blob/master/modules/apps/portal-security-sso/portal-security-sso-openid-connect-impl/src/main/java/com/liferay/portal/security/sso/openid/connect/internal/OpenIdConnectServiceHandlerImpl.java#L299
1. In a clean Liferay bundle
2. Navigate to tomcat/webapps
3. Rename the "ROOT" folder "portal"
4. Navigate to tomcat/conf/Catalina/localhost
5. Rename "ROOT.xm"l to "portal.xml"
6. Start the bundle
7. Deploy the internal openid connect config file into the /liferay_home/osgi/configs directory
8. Navigate to Control Panel
> Configuration> System Settings -> Foundation -> OpenID Connect (or search for OpenID Connect)
9. Check the Enabled checkbox and hit save
10. Open an incognito window and navigate to the site localhost:8080/portal
11. Go to Sign-in
12. Click on the OpenID Connect link
13. Select the provider, click Sign In
14. Authenticate on the provider