Problem with the Azure Provider #232
Comments
Seems to be a problem getting the email....
Got the same issue. Did you ever figure out which line is causing the "assertion to string" failure?
Hi, did you, by any chance, find the reason for that error?
https://github.com/iremmats/oauth2_proxy/blob/master/oauthproxy.go It crashes when trying to get the email as stated above. We just set a random email and bypassed it. Worked for us.. :)
Thanks @iremmats. I found the problem. In my case, it was the GetEmailAddress method that my customer provider implements, which tries to get the email out of a JSON string that doesn't contain an "email" line.
So how do we get around it in a correct way? Get another field from the JSON? In that case, which one? The JSON you speak about, is it the same as in my stack trace above?
Hi all! It was in the GetEmailAddress method. I am not 100% sure why the JSON from GraphAPI can be empty, but I think it is because we are using MS LiveID accounts in Azure. I forked this awesome repo and made a little Go magic (first coding ever in Go) that tries to get the e-mail value from alternate JSON fields, and if all these attempts fail it will get the user principal name. If I read the code correctly, that e-mail is used to name (identify) the session. There is a changed Azure.go file in my repo: I hope this will help someone.
The branch of @ElDiabloComputatore works fine for my setup. I have the same problem with emails, although I tried Microsoft Accounts as well as Work Accounts and filled in all fields that have something to do with email. I'd suggest opening a pull request with your changes. 👍
I just tested this now. It works. Thanks so much!
resolved by #274
Mind doing a release for this? The latest release is v2.1, which doesn't seem to have this fix in, and I'm getting the same problem.
Hi,
Testing this proxy out. Managed to get the GitHub provider working. My use case is trying to get security for Elasticsearch/Kibana using oauth2_proxy and nginx.
When switching to Azure provider I run into problems... Here is part of my config.
cmd="oauth2_proxy -client-id=clientidfromazuread
-client-secret=clientsecretfromazuread
-provider=azure
-azure-tenant=azuretenantGUID
-email-domain=*
-upstream=http://10.17.0.4:9200
-http-address=http://10.17.0.4:4180
-cookie-secret=secretsecret \ //am I supposed to set something else here?
-cookie-secure=true"
In Azure this is my Sign-On Url: https://mysite/oauth2/callback/
ReplyTo is the same url.
The oauth2_proxy error log shows this:
2016/04/08 21:31:30 api.go:20: 200 GET https://graph.windows.net/me?api-version=1.6 {"odata.metadata":"https://graph.windows.net/myorganization/$metadata#directoryObjects/Microsoft.DirectoryServices.User/@Element","odata.type":"Microsoft.DirectoryServices.User","objectType":"User","objectId":"XXXXX","deletionTimestamp":null,"accountEnabled":true,"signInNames":[],"assignedLicenses":[],"assignedPlans":[],"city":null,"companyName":null,"country":null,"creationType":null,"department":null,"dirSyncEnabled":null,"displayName":"test test","facsimileTelephoneNumber":null,"givenName":"test","immutableId":null,"isCompromised":null,"jobTitle":null,"lastDirSyncTime":null,"mail":null,"mailNickname":"test","mobile":null,"onPremisesSecurityIdentifier":null,"otherMails":[],"passwordPolicies":"None","passwordProfile":null,"physicalDeliveryOfficeName":null,"postalCode":null,"preferredLanguage":null,"provisionedPlans":[],"provisioningErrors":[],"proxyAddresses":[],"sipProxyAddress":null,"state":null,"streetAddress":null,"surname":"test","telephoneNumber":null,"usageLocation":null,"userPrincipalName":"test@xxxx.onmicrosoft.com","userType":"Member"}
2016/04/08 21:31:30 oauthproxy.go:473: 10.17.0.4:45632 ("83.XXX.XX.106") error redeeming code type assertion to string failed
2016/04/08 21:31:30 oauthproxy.go:316: ErrorPage 500 Internal Error Internal Error
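The fallback described in the comments (try `mail`, then alternate fields, then `userPrincipalName`), written as an added example with the Go standard library; it is not the code from the fork or from #274. `emailFromProfile`, `nonEmptyString` and `sampleProfile` are hypothetical names, and the sample JSON is a trimmed, constructed copy of the reply in the log above.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// sampleProfile is a constructed, trimmed copy of the Graph API reply in the
// log above: "mail" is null and "otherMails" is empty.
const sampleProfile = `{"displayName":"test test","mail":null,"otherMails":[],` +
	`"userPrincipalName":"test@xxxx.onmicrosoft.com"}`

// nonEmptyString returns v as a string only if it is a non-empty JSON string.
// JSON null decodes to nil, so the comma-ok assertion fails cleanly.
func nonEmptyString(v interface{}) (string, bool) {
	s, ok := v.(string)
	return s, ok && s != ""
}

// emailFromProfile (hypothetical helper) tries "mail", then the first usable
// entry of "otherMails", then "userPrincipalName".
func emailFromProfile(body []byte) (string, error) {
	var profile map[string]interface{}
	if err := json.Unmarshal(body, &profile); err != nil {
		return "", fmt.Errorf("decoding profile: %w", err)
	}
	if s, ok := nonEmptyString(profile["mail"]); ok {
		return s, nil
	}
	if list, ok := profile["otherMails"].([]interface{}); ok {
		for _, entry := range list {
			if s, ok := nonEmptyString(entry); ok {
				return s, nil
			}
		}
	}
	if s, ok := nonEmptyString(profile["userPrincipalName"]); ok {
		return s, nil
	}
	return "", errors.New("profile has no mail, otherMails or userPrincipalName")
}

func main() {
	email, err := emailFromProfile([]byte(sampleProfile))
	fmt.Println(email, err)
}
```

Returning an error when every field is empty keeps the caller from creating a session under a placeholder identity.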