New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
authenticating to Gluu auth server and retrieving user info after successful login #61
Comments
hmm, that doesn't appear to be an Error in the Vouch Proxy code base. I'm
guessing it's generated during the request for User info from Gluu.
Aha!.. Looks like `user_info_urls` should be `user_info_url` in your config
I'm uncertain of the user info that Gluu auth server would return, but I'm
hopeful. Please do let us know if you get Vouch Proxy working with Gluu.
…On Tue, Jan 29, 2019 at 9:07 AM popefinn ***@***.***> wrote:
I'm using vouch-proxy to connect to a Gluu auth server using the following
config:
# vouch config
# bare minimum to get vouch running with OpenID Connect (such as okta)
vouch:
# domains:
# valid domains that the jwt cookies can be set into
# the callback_urls will be to these domains
# domains:
#- magnitudesurveys.com
#- magnitudesurveys.co.uk
logLevel: debug
# - OR -
# instead of setting specific domains you may prefer to allow all users...
# set allowAllUsers: true to use Vouch Proxy to just accept anyone who can authenticate at the configured provider
allowAllUsers: true
testing: true
cookie:
name: MSVouchCookie
domain: magnitudesurveys.com
secure: true
httpOnly: true
oauth:
# Generic OpenID Connect
# including okta
provider: oidc
client_id: "@!30EB.0CC0.85AF.9406!0001!1CA3.2DC9!0008!6C98.0808.861E.9697"
client_secret: "8burIdoiclhvBOhq4IufF142"
auth_url: "https://sso.magnitudesurveys.com/oxauth/restv1/authorize"
token_url: "https://sso.magnitudesurveys.com/oxauth/restv1/token"
user_info_urls: "https://sso.magnitudesurveys.com/oxauth/restv1/userinfo"
scopes:
- email
- openid
callback_url: "https://login.magnitudesurveys.com/auth"
I'm getting the following error:
DEBU[0007] /auth
ERRO[0007] Get : unsupported protocol scheme ""
after logging in at gluu
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#61>, or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABNK62lYgF2zHJih6FlXMqRAEtpbic9zks5vIH_DgaJpZM4aYgp_>
.
|
Ahh, the plural issue solved that problem: Now i'm onto the next issue. Login works and vouch returns 302 (and /validate returns 200 OK) Then a 'too many redirects' chrome occurs, this is followed by:
vouch-proxy log is: This seems to be an issue with Gluu but i'm not sure why it would log me in, then error. The following options are available within Gluu, would any of them help? |
for 'too many redirects' try setting It looks like you're getting the user info back, which is good and it appears to be trying to set a JWT but then it can't find it on the next round trip. Can you please check your nginx config as well as the and try setting |
Thanks That was it, going back and looking at my domains again i found that i'd commented them out at some point. All working now. Vouch using a Windows Active Directory via Gluu |
so glad to hear it! |
I'm using vouch-proxy to connect to a Gluu auth server using the following config:
I'm getting the following error:
DEBU[0007] /auth
ERRO[0007] Get : unsupported protocol scheme ""
after logging in at gluu
The text was updated successfully, but these errors were encountered: