TheHive-Project / Cortex

Cortex: a Powerful Observable Analysis and Active Response Engine
https://thehive-project.org
GNU Affero General Public License v3.0

Unable to integrate Keycloak SSO in cortex #464

Open yogeshgurjar127 opened 4 months ago

yogeshgurjar127 commented 4 months ago

Hello Team,

When trying to use single sign-on for Cortex this error message appears in the logs:

[screenshot of the log error]

Below is my configuration file.

oauth {
    name: oauth2
    clientId: "cortex"
    clientSecret: "Secret"
    redirectUri: "http://localhost:9001/api/ssoLogin"
    responseType: "code"
    grantType: "authorization_code"
    authorizationUrl: "http://X.X.X.X:8080/realms/openid/protocol/openid-connect/auth"
    authorizationHeader: "Bearer"
    tokenUrl: "http://X.X.X.X::8080/realms/openid/protocol/openid-connect/token"
    userUrl: "http://X.X.X.X::8080/realms/openid/protocol/openid-connect/userinfo"
    scope: ["openid", "email"]
    scope: "read:user"
    userIdField: "email"
  }

# Single-Sign On
sso {
    # Autocreate user in database?
    autocreate = true

    # Autoupdate its profile and roles?
    #autoupdate = false

    # Autologin user using SSO?
    autologin = true
    #defaultRoles = []

    # Name of mapping class from user resource to backend user ('simple' or 'group')
    mapper = group
    attributes {
      login = "admin@admin.local"
      name = "admin"
      groups = "groups"
      organization = "test"
    }
    defaultRoles = ["read"]
    auth.sso.defaultOrganization = "test"
    auth.sso.attributes.organization= "test"
    groups {
      mappings {
        admin-profile-name = ["admin"]
        editor-profile-name = ["write"]
        reader-profile-name = ["read"]
      }
    }

    mapper = testing
    attributes {
      login = "user"
      name = "name"
      roles = "read,analyze,orgadmin"
      organization = "test"
    }
    defaultRoles = ["read"]
    auth.sso.defaultOrganization = "test"
    auth.sso.attributes.organization= "test"
}

}

Could you please point me in the right direction for configuration guidance?

Thanks in advance!

Work Environment

Question                    Answer
OS version (server)         Ubuntu
OS version (client)         22
Cortex version / git hash   3.1.8-1
Package Type                From source
Browser type & version      Chrome

@To-om Can you please help me with this?

To-om commented 4 months ago

In the OAuth2 configuration the scope must be an array:

-scope: "read:user"
+scope: ["read:user"]

yogeshgurjar127 commented 3 months ago

Hello @To-om

I adjusted the scope in the configuration file; however, now I am getting the error below. For your convenience, the error message is provided below.

{"type":"AuthenticationError","message":"Authentication failure"}

[screenshot of the error]

Can you please help me with this?

To-om commented 3 months ago

The scope seems to be incorrect. Check the documentation of your IdP and set the expected value. Have you tried the default value: scope: ["openid", "email"]?

yogeshgurjar127 commented 3 months ago

@To-om Yes, I already tried the default value of scope, but I am still getting the same error.

Please find below conf details.

oauth2 {
    clientId: "cortex"
    clientSecret: "NnLadsgsgvssttlUzJKX4TnJS"
    redirectUri: "http://localhost:9001/api/ssoLogin"
    responseType: "code"
    grantType: "authorization_code"
    authorizationUrl: "http://X.X.X.X:8080/auth/realms/openid/protocol/openid-connect/auth"
    authorizationHeader: "Bearer"
    tokenUrl: "http://X.X.X.X:8080/auth/realms/openid/protocol/openid-connect/token"
    userUrl: "http://X.X.X.X:8080/auth/realms/openid/protocol/openid-connect/userinfo"
    scope: ["read:user"]
    scope: ["openid", "email"]
    userIdField: "email"
  }
}
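
Editor's note, with an added example that is not part of this issue or of the Cortex project: both configurations posted above declare the scope key twice inside the same block, and HOCON resolves a duplicated scalar key by keeping the last value, so whichever scope line comes second silently replaces the first (in the first posting that leaves the string "read:user", which is what the maintainer flagged). The check below scans an oauth2 block for exactly the slips visible in the posted configurations: scope given as a string, a key set twice, and the "::" before the port in the first tokenUrl. The sample block is constructed from the posted configuration.

```python
import re

# Constructed sample, modelled on the oauth2 block posted in this issue: the
# scope key appears twice (once as an array, once as a string) and tokenUrl
# carries "::" before the port.
SAMPLE = '''\
oauth2 {
  clientId: "cortex"
  redirectUri: "http://localhost:9001/api/ssoLogin"
  tokenUrl: "http://X.X.X.X::8080/realms/openid/protocol/openid-connect/token"
  scope: ["openid", "email"]
  scope: "read:user"
  userIdField: "email"
}
'''

# key: value  or  key = value  (HOCON accepts both separators)
KV = re.compile(r'^\s*([A-Za-z_][\w.-]*)\s*[:=]\s*(.+?)\s*$')


def check_oauth2_block(text):
    """Return [(line_no, message), ...] for the configuration slips this thread hit."""
    findings = []
    seen = {}  # key -> first line it was set on
    for no, line in enumerate(text.splitlines(), 1):
        m = KV.match(line)
        if not m or line.lstrip().startswith("#"):
            continue
        key, value = m.group(1), m.group(2)
        # HOCON keeps the last of two scalar values for the same key, so an
        # earlier, correct "scope" line is silently discarded.
        if key in seen:
            findings.append((no, f"'{key}' already set on line {seen[key]}; the last value wins"))
        seen[key] = no
        if key == "scope" and not value.startswith("["):
            findings.append((no, 'scope must be an array, e.g. ["openid", "email"]'))
        if key.endswith("Url") and re.search(r"://[^/]*::", value):
            findings.append((no, f"'{key}' has '::' before the port"))
    return findings


if __name__ == "__main__":
    for no, msg in check_oauth2_block(SAMPLE):
        print(f"line {no}: {msg}")
```

Run against the sample it reports the tokenUrl typo on line 4 and both the duplicate and the string-valued scope on line 6; a block with a single array-valued scope yields no findings.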

yogeshgurjar127 commented 3 months ago

@To-om Could you please assist me with this?

yogeshgurjar127 commented 2 months ago

Hello @To-om

Could you please update on this issue?