-
Notifications
You must be signed in to change notification settings - Fork 180
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
panic / 502 Bad Gateway in authenticated webfinger #6102
Labels
Comments
kulmann
added
Type:Bug
Priority:p1-urgent
Consider a hotfix release with only that fix
labels
Apr 20, 2023
13 tasks
It seems like, when using an internal IDP querying the oidc .well-knows an error gets thrown, resulting in an empty in ocis/ocis-pkg/middleware/oidc.go Line 57 in 0862ff6
|
86 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
An authenticated request to
.well-known/webfinger
where the webfinger service runs as part of ocis (I did not test standalone) causes a panic in the Oidc middleware.Steps to reproduce
Steps to reproduce the behavior:
.well-known/webfinger?resource=<issuerUrl>
Expected behavior
Webfinger service behaves as documented in https://owncloud.dev/services/webfinger/ - i.e. gives a response including the ocis instances the user has access to.
Actual behavior
Request terminates with a
502 Bad Gateway
.Setup
Single binary or keycloak deployment example
Initial findings
Running ocis with a debugger I found out that there is a panic happening in the oidc middleware:
http: panic serving 127.0.0.1:48434: runtime error: invalid memory address or nil pointer dereference
Set a breakpoint here:
ocis/ocis-pkg/middleware/oidc.go
Line 41 in 0862ff6
and step into
NewProvider
. ThedoRequest
call will run into aCertificateVerificationError
for an ocis with self signed certificate. Unfortunately I don't know how to make use ofOCIS_INSECURE=true
here....The error then gets swallowed into nirvana here:
ocis/ocis-pkg/middleware/oidc.go
Line 59 in 0862ff6
Finally running into a nil dereference here:
ocis/ocis-pkg/middleware/oidc.go
Line 67 in 0862ff6
when calling
provider.UserInfo
.The text was updated successfully, but these errors were encountered: