search

eip-work / kuboard-press

Kuboard 是基于 Kubernetes 的微服务管理界面。同时提供 Kubernetes 免费中文教程,入门教程,最新版本的 Kubernetes v1.23.4 安装手册,(k8s install) 在线答疑,持续更新。
https://kuboard.cn/
22.65k stars 1.52k forks source link

kuboard配置oidc登录,groups获取不到 #447

Open CharkeyQK opened 1 year ago

CharkeyQK commented 1 year ago 

  KUBOARD_LOGIN_TYPE: "oidc"
  KUBOARD_ROOT_USER: "root"
  UPSTREAM_OIDC_ISSUER: "https://sso.server/"
  UPSTREAM_OIDC_CLIENT_ID: "kuboard"
  UPSTREAM_OIDC_CLIENT_SECRET: "client-secret"
  UPSTREAM_OIDC_REDIRECT_URI: "https://kuboard/sso/callback"

使用 Keycloak,client已经为client scopes加入了 groups;但是登录的时候,kuboard日志还是看到groups为空: msg="login successful: connector \"oidc\", username=\"devops\", preferred_username=\"devops\", email=\"devops@example.com\", groups=[]"

请问哪里配置有误

liusancai commented 1 year ago

请问是怎么配置oidc登录的,没有找到对应的文档

wenjunGU commented 3 months ago

请问您这个OIDC怎么配置的?我这个UPSTREAM_OIDC_REDIRECT_URI写好了,但是实际访问会报错level=error msg="Connector \"oidc\" returned error when creating callback: expected callback URL \"http://ip:80/sso/callback\" did not match the URL in the config \"https://test.sso.com/sso/callback\"", 这个http://ip:80/sso/callback是写死了?还是哪里可以配置的