Dex For Argocd does not support authentication with Atlassian Crowd Connector

[abdennour]

If you are trying to resolve an environment-specific issue or have a one-off question about the edge case that does not require a feature then please consider asking a question in argocd slack channel.

Checklist:

• [x] I've searched in the docs and FAQ for my answer: https://bit.ly/argocd-faq.
• [x] I've included steps to reproduce the bug.
• [x] I've pasted the output of argocd version.

Describe the bug Argocd cannot handle authentication thru Dex + Atlassian crowd connector

Clicking on login button, it takes time then, it show :

Failed to query provider "https://argo.mycompany.com/api/dex": Get "http://argocd-dex-server:5556/api/dex/.well-known/openid-configuration": dial tcp 10.103.253.72:5556: connect: connection refused

To Reproduce

Using argocd helm chart :

• Set server.config.dex\.config to be:

    server:
        dex.config: |
          connectors:
          - type: atlassian-crowd
            # Required field for connector id.
            id: crowd
            # Required field for connector name.
            name: Crowd
            config:
              baseURL: http://crowd.crowd/crowd
              clientID: $ATLASSIAN_CROWD_APPLICATION_ID
              clientSecret: $ATLASSIAN_CROWD_CLIENT_SECRET
              preferredUsernameField: name

• helm install ...

Expected behavior

• I expected that Dex integrated with Argocd is able to connect with Atlassian crowd.
• I expect that Argoc Auth-proxy handles Crowd connector differently ( it does not need button, because it does not read redirect. Instead, you must use Crowd API)

Screenshots

N/A

Version

argocd: v1.7.6+b04c25e
  BuildDate: 2020-09-19T00:53:13Z
  GitCommit: b04c25eca8f1660359e325acd4be5338719e59a0
  GitTreeState: clean
  GoVersion: go1.14.1
  Compiler: gc
  Platform: darwin/amd64
argocd-server: v1.7.6+b04c25e
  BuildDate: 2020-09-19T00:52:04Z
  GitCommit: b04c25eca8f1660359e325acd4be5338719e59a0
  GitTreeState: clean
  GoVersion: go1.14.1
  Compiler: gc
  Platform: linux/amd64
  Ksonnet Version: v0.13.1
  Kustomize Version: {Version:kustomize/v3.6.1 GitCommit:c97fa946d576eb6ed559f17f2ac43b3b5a8d5dbd BuildDate:2020-05-27T20:47:35Z GoOs:linux GoArch:amd64}
  Helm Version: version.BuildInfo{Version:"v3.2.0", GitCommit:"e11b7ce3b12db2941e90399e874513fbd24bcb71", GitTreeState:"clean", GoVersion:"go1.13.10"}
  Kubectl Version: v1.17.8

Logs

kubectl -n argocd logs -f argocd-dex-server-584d58b547-dvgx6

Dex throw out in the logs

 error parse config file /tmp/dex.yaml: error unmarshaling JSON: unknown connector type "atlassian-crowd"

[jannfis]

Hey, you need to also set url in configuration, refer to https://argoproj.github.io/argo-cd/operator-manual/user-management/#2-configure-argo-cd-for-sso I believe there is an appropriate parameter for the Helm chart as well.

[abdennour]

@jannfis I did .. But which URL ? crowd or argocd

[jannfis]

Oh, sorry, forget what I said - it clearly is about the connector. Sorry.

[jannfis]

So, turns out we are using Dex v2.22.0 and Atlassian Crowd connector was introduced in v2.23.0. So you can either try your luck with a manual upgrade of Dex image to v2.23.0 (might not work, for whatever reasons tho) or wait for us to provide an update.

[jessesuen]

Let us know if it works, and we can upgrade dex.

[abdennour]

Yep @jannfis ! I've checked dex release notes, and i can see that Crowd is well supported since v2.24.0. I updated dex tag to latest in helm values

dex:
  image:
    tag: v2.25.0

And now it works like a charm 🎊 🎊🎊

@jessesuen you can upgrade Dex to support Atlassian Crowd. However, you will need to test other connectors with this upgrade.

[abdennour]

@jessesuen I need your urgent support for https://github.com/argoproj/argo-cd/discussions/7989