Comments (6)
Can you share the command line you are using and a snippet from the logs?
from oauth2_proxy.
2014/12/23 11:50:31 127.0.0.1:55555 ("192.168.28.2") GET /oauth2/start?rd=%2F
2014/12/23 11:50:45 127.0.0.1:55614 ("192.168.28.2") GET /oauth2/callback?state=/&code=*****************************************
2014/12/23 11:50:45 validating: is ore@****.com valid? true
2014/12/23 11:50:45 127.0.0.1:55614 ("192.168.28.2") authenticating ore@*******.com completed
2014/12/23 11:50:45 127.0.0.1:55616 ("192.168.28.2") GET /
2014/12/23 11:50:45 127.0.0.1:55616 ("192.168.28.2") - invalid cookie session
I am using a config file you can take a look at the base config I am using
from oauth2_proxy.
hmm. might this be because there isn't a cookie secret set?
from oauth2_proxy.
There is actually
Sent from my iPhone
On Dec 23, 2014, at 16:21, Jehiah Czebotar [email protected] wrote:
hmm. might this be because there isn't a cookie secret set?
—
Reply to this email directly or view it on GitHub.
from oauth2_proxy.
ok, i was going based on here but i'm not intimately familiar with Chef cookbooks.
This sounds like a round-trip problem with cookies where they are getting set and either not passed back to the browser, or set in a way the browser isn't passing them back.
Can you verify that the browser get's a Set-Cookie
header on the response from /oauth2/callback?state=/&code=...
and that the same value is passed to the next request to /
? It should be straight forward to inspect that using the chrome/firefox developer tools.
Presumably you are proxying though a ssl term endpoint, do you have any thoughts about configuration there that might get in the way? If you are not terminating through a SSL endpoint (i've considered adding https support directly to google_auth_proxy to make that setup easier) you might be encountering an issue with cookie_https_only
being set to true
so the browser is not passing the cookie back over a http connection.
from oauth2_proxy.
Found the problem you were right...
By default if you use config file (at least from what I checked) cookie_https_only is set to true
I just set it to false
from oauth2_proxy.
Related Issues (20)
- GitHub Authentication keeps valid after user is removed from org or team HOT 1
- V2.2 is complaining about the google oauth Json file
- will oauth2_proxy support PUT HOT 2
- help with scope setting for okta HOT 1
- HTTP Basic Auth and set-xauthrequest HOT 4
- oauth2_proxy failing on the callback url using oidc provider HOT 1
- failing with oidc provider discovery object
- Safari is not sending cookies when doing CORS requests
- set response_mode
- Recent update of golang.org/x/oauth2/google libraries caused TestRequestSignaturePostRequest to fail
- OIDC provider disappeared in `v2.2` without any notice. HOT 1
- how to handle the callback url and get the login google emaill account? HOT 1
- htpasswd auth not working HOT 2
- Integrating oauth2_proxy with AWS Cognito HOT 3
- Microsoft Azure AD B2C Support
- user-configured redirect URL clobbered in oauthproxy.go HOT 5
- oidc and scope
- Restrict auth to specific Google groups returning Invalid Account HOT 1
- 404 not found on redirect HOT 1
- Cookie Path Defaults to Root '/' Even when Using "proxy-prefix" option
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauth2_proxy.