Open martadams89 opened 13 hours ago
Describe the bug Proxy provided applications stuck in a redirect loop
To Reproduce Steps to reproduce the behavior: Upgrade from 2024.08 to 2024.10, use a proxy provider application
Expected behavior redirect to proxy application as normal.
Logs
{"action": "system_exception", "auth_via": "oauth_client_secret", "client_ip": "127.0.0.1", "context": {"http_request": {"args": {}, "method": "POST", "path": "/application/o/token/", "request_id": "", "user_agent": "goauthentik.io/outpost/2024.10.1 (provider=Provider for FileBrowser-Prod)"}, "message": "Traceback (most recent call last):\n File \"/ak-root/venv/lib/python3.12/site-packages/asgiref/sync.py\", line 518, in thread_handler\n raise exc_info[1]\n File \"/ak-root/venv/lib/python3.12/site-packages/django/core/handlers/base.py\", line 253, in _get_response_async\n response = await wrapped_callback(\n ^^^^^^^^^^^^^^^^^^^^^^^\n File \"/ak-root/venv/lib/python3.12/site-packages/asgiref/sync.py\", line 468, in __call__\n ret = await asyncio.shield(exec_coro)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/ak-root/venv/lib/python3.12/site-packages/asgiref/current_thread_executor.py\", line 40, in run\n result = self.fn(*self.args, **self.kwargs)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/ak-root/venv/lib/python3.12/site-packages/asgiref/sync.py\", line 522, in thread_handler\n return func(*args, **kwargs)\n ^^^^^^^^^^^^^^^^^^^^^\n File \"/ak-root/venv/lib/python3.12/site-packages/django/views/generic/base.py\", line 104, in view\n return self.dispatch(request, *args, **kwargs)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/ak-root/venv/lib/python3.12/site-packages/django/utils/decorators.py\", line 48, in _wrapper\n return bound_method(*args, **kwargs)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/ak-root/venv/lib/python3.12/site-packages/django/views/decorators/csrf.py\", line 65, in _view_wrapper\n return view_func(request, *args, **kwargs)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/authentik/providers/oauth2/views/token.py\", line 497, in dispatch\n response = super().dispatch(request, *args, **kwargs)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/ak-root/venv/lib/python3.12/site-packages/django/views/generic/base.py\", line 143, in dispatch\n return handler(request, *args, **kwargs)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/authentik/providers/oauth2/views/token.py\", line 526, in post\n return TokenResponse(self.create_code_response())\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/authentik/providers/oauth2/views/token.py\", line 561, in create_code_response\n access_token.id_token = access_id_token\n ^^^^^^^^^^^^^^^^^^^^^\n File \"/authentik/providers/oauth2/models.py\", line 438, in id_token\n self.token = value.to_access_token(self.provider)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/authentik/providers/oauth2/id_token.py\", line 174, in to_access_token\n return provider.encode(final)\n ^^^^^^^^^^^^^^^^^^^^^^\n File \"/authentik/providers/oauth2/models.py\", line 310, in encode\n encoded = encode(payload, key, algorithm=alg, headers=headers)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/ak-root/venv/lib/python3.12/site-packages/jwt/api_jwt.py\", line 68, in encode\n json_payload = self._encode_payload(\n ^^^^^^^^^^^^^^^^^^^^^\n File \"/ak-root/venv/lib/python3.12/site-packages/jwt/api_jwt.py\", line 95, in _encode_payload\n return json.dumps(\n ^^^^^^^^^^^\n File \"/usr/local/lib/python3.12/json/__init__.py\", line 238, in dumps\n **kw).encode(obj)\n ^^^^^^^^^^^\n File \"/usr/local/lib/python3.12/json/encoder.py\", line 200, in encode\n chunks = self.iterencode(o, _one_shot=True)\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n File \"/usr/local/lib/python3.12/json/encoder.py\", line 258, in iterencode\n return _iterencode(o, 0)\n ^^^^^^^^^^^^^^^^^\n File \"/usr/local/lib/python3.12/json/encoder.py\", line 180, in default\n raise TypeError(f'Object of type {o.__class__.__name__} '\nbuiltins.TypeError: Object of type UUID is not JSON serializable"}, "domain_url": "authentik.xxx.xxx.net", "event": "Created Event", "host": "authentik.xxx.xxx.net", "level": "info", "logger": "authentik.events.models", "pid": 67, "request_id": "f", "schema_name": "public", "timestamp": "2024-11-07T21:29:46.255682", "user": {"email": "", "is_anonymous": true, "pk": 1, "username": "AnonymousUser"}} Object of type UUID is not JSON serializable
Version and Deployment (please complete the following information):
Additional context same issue as on https://github.com/goauthentik/authentik/issues/11883 - tried setting env variables AUTHENTIK_HOST and AUTHENTIK_BROWSER_HOST but this didn't make a difference.
Upgraded and left authentik running over weekend to see if issue resolved (as some appear to have said it sorts itself out) but didn't work for me, had to downgrade to get proxy provider working.
Describe the bug Proxy provided applications stuck in a redirect loop
To Reproduce Steps to reproduce the behavior: Upgrade from 2024.08 to 2024.10, use a proxy provider application
Expected behavior redirect to proxy application as normal.
Logs
Version and Deployment (please complete the following information):
Additional context same issue as on https://github.com/goauthentik/authentik/issues/11883 - tried setting env variables AUTHENTIK_HOST and AUTHENTIK_BROWSER_HOST but this didn't make a difference.
Upgraded and left authentik running over weekend to see if issue resolved (as some appear to have said it sorts itself out) but didn't work for me, had to downgrade to get proxy provider working.