-
-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auth-token-user setting does not seem to be working #65
Comments
@ncroese I guess there is an env mapping issue. Could you try Please mention that this feature works only, if the OpenVPN username is not empty at connect. See: OpenVPN/openvpn#296 . |
Thanks for your quick response! I've updated to 1.11.0 and changed the property name in my configuration to CONFIG_OPENVPN_AUTH__TOKEN__USER. I also tried running without the property. This did not have any effect. Then I tried running with --openvpn.auth-token-user:
This also did not seem to have any effect. Note that the OpenVPN username is not empty this time, as I provided that during auth. Here are the logs of the session:
This is my application config:
Openvpn server config:
Openvpn client config:
|
If you see
Then
Otherwise
called. Please mention that the OpenVPN logs always shows Common Name, not Username. The Username is nearly invisible. |
Here is the log for the server:
As you can see there is a I tried configuring
|
Its visible in the client logs, because the client logs the push options. Maybe it part of
Not sure, if that work. Because the Common Name will be locked on session init. I feel that you want something that I already described here: OpenVPN/openvpn#299 |
Looks like it is there indeed, so the auth client is actually working as expected. I don't see it in my client logs for some reason, but I guess even if it was there it wouldn't solve my problem :).
Yes, that is indeed what I am looking for. Let's hope they make this possible in the future. Thanks for your help! |
Current Behavior
According to the code and documentation it seems that the application should set the client username to the preferred_username claim by default. For some reason this does not seem to be happening for me. I don't see any difference in behavior when configuring CONFIG_OPENVPN_AUTH_TOKEN_USER to either true or false.
I see the following in the server logs (without configuring the property or when setting it to either true or false):
The corresponding logging from the application is this:
Expected Behavior
When I look at the code in the OAUTH2 handler it seems to me that it should be sending the push auth-token-user command with the user.preferred_username value telling the server to use user.name@domain as client name.
Steps To Reproduce
No response
Environment
Anything else?
I think the issue could be with openvpn, but I'm not sure, so any suggestions would be appreciated.
The text was updated successfully, but these errors were encountered: