The storage server requires oauth2 cookies for authentication.
auth,
_oauth2_proxy_0
and
_oauth2_proxy_1
To get these you have to have the keycloak cookies present on the keycloak url, these will be checked once the oauth2 proxy on the storage server redirects you. This is done in the following way:
Navigating to the storage URL without the cookies gives you a 302 with Location at the keycloak URL and a Set-Cookie header with a crsf token called: _oauth2_proxy_csrf, the browser navigates to the keycloak URL and checks the cookies there, then redirects you to the storage URL again but with the Set-Cookie headers for the tokens.
The problem is that the CLI doesnt have access to the cookies from the browser, and there is no way to get them without doing sketchy / janky things.
The storage server requires oauth2 cookies for authentication.
auth
,_oauth2_proxy_0
and_oauth2_proxy_1
To get these you have to have the keycloak cookies present on the keycloak url, these will be checked once the oauth2 proxy on the storage server redirects you. This is done in the following way:
Navigating to the storage URL without the cookies gives you a
302
withLocation
at the keycloak URL and aSet-Cookie
header with a crsf token called:_oauth2_proxy_csrf
, the browser navigates to the keycloak URL and checks the cookies there, then redirects you to the storage URL again but with theSet-Cookie
headers for the tokens.The problem is that the CLI doesnt have access to the cookies from the browser, and there is no way to get them without doing sketchy / janky things.