You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After kubelogin upgrade to v1.12.0 I've tried to authorize to my K8S cluster running with Dex without opening a browser but failed with the following error: {"error":"invalid_grant"} error: error while the resource owner password credentials grant flow: could not get a token: oauth2: cannot fetch token: 400 Bad Request
Working with Browser works fine!
Full log:
⇒ kubelogin --context staging --insecure-skip-tls-verify --skip-open-browser --username test -v4
14:52:01.575730 WARNING: log may contain your secrets such as token or password
14:52:01.578762 Using the authentication provider of the user test@staging
14:52:01.578783 A token will be written to /Users/test/.kube/config
14:52:01.578791 Loading the certificate /Users/test/.ssh/staging-dex-ca.crt
Password:
14:52:05.922742 GET /dex/.well-known/openid-configuration HTTP/1.1
Host: staging-kubernetes-masters.service:32000
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip
14:52:06.761844 HTTP/1.1 200 OK
Content-Length: 861
Content-Type: application/json
Date: Thu, 20 Jun 2019 11:52:06 GMT
client_id=xxxxxxxxx&client_secret=xxxxxxxxxx&grant_type=password&password=xxxxxxxxx&scope=offline_access+openid+profile+email+groups+openid&username=test
14:52:07.178048 HTTP/1.1 400 Bad Request
Content-Length: 25
Content-Type: application/json
Date: Thu, 20 Jun 2019 11:52:07 GMT
{"error":"invalid_grant"}
error: error while the resource owner password credentials grant flow: could not get a token: oauth2: cannot fetch token: 400 Bad Request
Response: {"error":"invalid_grant"}
The text was updated successfully, but these errors were encountered:
After kubelogin upgrade to v1.12.0 I've tried to authorize to my K8S cluster running with Dex without opening a browser but failed with the following error:
{"error":"invalid_grant"}
error: error while the resource owner password credentials grant flow: could not get a token: oauth2: cannot fetch token: 400 Bad Request
Working with Browser works fine!
Full log:
⇒ kubelogin --context staging --insecure-skip-tls-verify --skip-open-browser --username test -v4
14:52:01.575730 WARNING: log may contain your secrets such as token or password
14:52:01.578762 Using the authentication provider of the user test@staging
14:52:01.578783 A token will be written to /Users/test/.kube/config
14:52:01.578791 Loading the certificate /Users/test/.ssh/staging-dex-ca.crt
Password:
14:52:05.922742 GET /dex/.well-known/openid-configuration HTTP/1.1
Host: staging-kubernetes-masters.service:32000
User-Agent: Go-http-client/1.1
Accept-Encoding: gzip
14:52:06.761844 HTTP/1.1 200 OK
Content-Length: 861
Content-Type: application/json
Date: Thu, 20 Jun 2019 11:52:06 GMT
{
"issuer": "https://staging-kubernetes-masters.service:32000/dex",
"authorization_endpoint": "https://staging-kubernetes-masters.service:32000/dex/auth",
"token_endpoint": "https://staging-kubernetes-masters.service:32000/dex/token",
"jwks_uri": "https://staging-kubernetes-masters.service:32000/dex/keys",
"response_types_supported": [
"code"
],
"subject_types_supported": [
"public"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"scopes_supported": [
"openid",
"email",
"groups",
"profile",
"offline_access"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic"
],
"claims_supported": [
"aud",
"email",
"email_verified",
"exp",
"iat",
"iss",
"locale",
"name",
"sub"
]
}
14:52:06.763737 POST /dex/token HTTP/1.1
Host: staging-kubernetes-masters.service:32000
User-Agent: Go-http-client/1.1
Content-Length: 114
Authorization: Basic xxxxxxxxxxxxxxxxxxxx
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip
grant_type=password&password=xxxxxxx&scope=offline_access+openid+profile+email+groups+openid&username=test
14:52:06.971080 HTTP/1.1 400 Bad Request
Content-Length: 25
Content-Type: application/json
Date: Thu, 20 Jun 2019 11:52:07 GMT
{"error":"invalid_grant"}
14:52:06.971377 POST /dex/token HTTP/1.1
Host: staging-kubernetes-masters.service:32000
User-Agent: Go-http-client/1.1
Content-Length: 160
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip
client_id=xxxxxxxxx&client_secret=xxxxxxxxxx&grant_type=password&password=xxxxxxxxx&scope=offline_access+openid+profile+email+groups+openid&username=test
14:52:07.178048 HTTP/1.1 400 Bad Request
Content-Length: 25
Content-Type: application/json
Date: Thu, 20 Jun 2019 11:52:07 GMT
{"error":"invalid_grant"}
error: error while the resource owner password credentials grant flow: could not get a token: oauth2: cannot fetch token: 400 Bad Request
Response: {"error":"invalid_grant"}
The text was updated successfully, but these errors were encountered: