Phillezi
commented
1 week ago Did the getting cookies from browser idea, plan is to implement it with a flag, until it is possible to solve it neater
Open Phillezi opened 1 week ago
Phillezi
commented
1 week ago Did the getting cookies from browser idea, plan is to implement it with a flag, until it is possible to solve it neater
The storage server requires oauth2 cookies for authentication.
auth,_oauth2_proxy_0and_oauth2_proxy_1To get these you have to have the keycloak cookies present on the keycloak url, these will be checked once the oauth2 proxy on the storage server redirects you. This is done in the following way:
Navigating to the storage URL without the cookies gives you a
302withLocationat the keycloak URL and aSet-Cookieheader with a crsf token called:_oauth2_proxy_csrf, the browser navigates to the keycloak URL and checks the cookies there, then redirects you to the storage URL again but with theSet-Cookieheaders for the tokens.The problem is that the CLI doesnt have access to the cookies from the browser, and there is no way to get them without doing sketchy / janky things.