go-oidc | A Go OpenID Connect client | Authentication library

I'm attempting to set up OIDC with Keycloak as my IdP and Django (using Django Rest Framework and mozilla-django-oidc) as my client server. I have got keycloak installed and a rough Django application stood up that successfully redirects to keycloak where I can then successfully authenticate (to keycloak), but when I'm redirected back to django I'm missing information, specifically oidc_states.

The redirect to django triggers this log entry:

I am using NestJs with oidc passport strategy with identityserver as following.

Currently I am trying to implement multitenancy in an OAuth2 secured application by using one Keycloak realm for each tenant. I am creating a prototype in Go but am not really bound to the language and could switch to Node.js or Java if I needed to. I figure that my following question would hold true if I switched language though.

At first, implementing multitenancy seemed pretty straight forward to me:

• For each tenant, create a realm with the needed client configuration for my backend application.
• The backend receives a request with the URL tenant-1.my-app.com. Parse that URL to retrieve the tenant to be used for authentication.
• Connect to the OAuth2 provider (Keycloak in this case) and verify the request token.

Following a guide, I use golang.org/x/oauth2 and github.com/coreos/go-oidc. This is how I setup the OAuth 2 connection for a single realm:

I am trying to build a Go application with brazel. It is an existing private GitHub repo (with this location: github.xyz.com/repo-name) that I am working on, and my aim is to create a binary out of a main.go file that depends on some other Go files for it's methods. This is my BUILD.bazel file inside the folder called e2e where all these go files are present:

I use the following code with this lib

I am trying to configure the "mozilla-django-oidc" package in Django. To authenticate I use Azure Active Directory B2C policy, so this is my federation server.

When I click in the login button I got this URL which looks wrong to me, I will split it, just for convenience:

https://TENANTID.b2clogin.com/TENANTID.onmicrosoft.com/oauth2/v2.0/authorize?p=b2c_1_TENANTID_signin?response_type=code&scope=openid+email&client_id=XXXXXXXXXXXXXXX&redirect_uri=http%3A%2F%2Flocalhost%3A8000%2Foidc%2Fcallback%2F&state=pt8aYXicnYRSQkkB8kwHSv4hQwt9Xzre&nonce=UfLfk6QovA2inpfo9W7zS2MZHLpO1tkJ

and the URL I need has this format: https://TENANTID.b2clogin.com/TENANTID.onmicrosoft.com/oauth2/v2.0/authorize?p=B2C_1_TENANTID_SIGNIN&client_id=XXXXXXXXXXXXX&nonce=defaultNonce&redirect_uri=http%3A%2F%2Flocalhost%3A8000%2Foidc%2Fcallback%2F&scope=openid&response_type=id_token&prompt=login

In the home page I have this code: