search

goauthentik / authentik

The authentication glue you need.
https://goauthentik.io
Other
11.95k stars 822 forks source link

Home assistant integration #2730

Closed BentEngbers closed 4 months ago

BentEngbers commented 2 years ago

Describe your question/

I am trying to setup the homeassistant integration with authentik, as explained here: https://goauthentik.io/integrations/services/home-assistant/ .
I have been successful in setting up the nextcloud integration on the same system.

the link to the docker.sock is also reported to be "unhealty". I think this is due to a permission problem, but i am not sure. I have tried to modify the integrated outpost, but this did not seem to change my situation. How would I debug my setup? Which logs are relavant? I do understand most docker/linux concepts, but I do not know a lot about authorization systems. Thanks for creating this awesome Identity Provider!

Relevant infos i.e. Version of other software you're using, specifics of your setup

I am running Unraid Version: 6.9.2. homeassistant is running inside a vm on the same machine, with a unique IP address. authentik and a authentik worker are running inside two docker containers. I followed the following guide to setup authentik on unraid: https://www.youtube.com/watch?v=g-pbzAaYMq4

Screenshots If applicable, add screenshots to help explain your problem.

CleanShot 2022-04-16 at 19 28 02@2x

NOTE: my domain name is a placeholder.

CleanShot 2022-04-16 at 19 41 34@2x

Logs Output of docker-compose logs or kubectl logs respectively

Logs
return await application( File "/usr/local/lib/python3.10/site-packages/channels/sessions.py", line 47, in __call__ return await self.inner(dict(scope, cookies=cookies), receive, send) File "/usr/local/lib/python3.10/site-packages/channels/sessions.py", line 263, in __call__ return await self.inner(wrapper.scope, receive, wrapper.send) File "/usr/local/lib/python3.10/site-packages/channels/auth.py", line 185, in __call__ return await super().__call__(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/middleware.py", line 26, in __call__ return await self.inner(scope, receive, send) File "/authentik/lib/sentry.py", line 39, in __call__ return await self.inner(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/consumer.py", line 94, in app return await consumer(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/consumer.py", line 58, in __call__ await await_many_dispatch( File "/usr/local/lib/python3.10/site-packages/channels/utils.py", line 58, in await_many_dispatch await task File "/usr/local/lib/python3.10/site-packages/channels/utils.py", line 50, in await_many_dispatch result = task.result() File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 492, in receive message_channel, message = await self.receive_single( File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 547, in receive_single content = await self._brpop_with_clean( File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 380, in _brpop_with_clean async with self.connection(index) as connection: File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 902, in __aenter__ self.conn = await self.pool.pop() File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 93, in pop conn = await self.create_conn(loop) File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 79, in create_conn return await aioredis.create_redis_pool(**kwargs) File "/usr/local/lib/python3.10/site-packages/aioredis/commands/__init__.py", line 188, in create_redis_pool pool = await create_pool(address, db=db, File "/usr/local/lib/python3.10/site-packages/aioredis/pool.py", line 58, in create_pool await pool._fill_free(override_min=False) File "/usr/local/lib/python3.10/site-packages/aioredis/pool.py", line 383, in _fill_free conn = await self._create_new_connection(self._address) File "/usr/local/lib/python3.10/site-packages/aioredis/connection.py", line 133, in create_connection await conn.auth(password) File "/usr/local/lib/python3.10/site-packages/aioredis/util.py", line 52, in wait_ok res = await fut aioredis.errors.ReplyError: WRONGPASS invalid username-password pair or user is disabled. Exception in ASGI application Traceback (most recent call last): File "/usr/local/lib/python3.10/site-packages/uvicorn/protocols/websockets/wsproto_impl.py", line 219, in run_asgi result = await self.app(self.scope, self.receive, self.send) File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/proxy_headers.py", line 75, in __call__ return await self.app(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/message_logger.py", line 82, in __call__ raise exc from None File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/message_logger.py", line 78, in __call__ await self.app(scope, inner_receive, inner_send) File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 115, in _run_asgi3 return await self._run_app(scope, lambda: self.app(scope, receive, send)) File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 162, in _run_app raise exc from None File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 159, in _run_app return await callback() File "/usr/local/lib/python3.10/site-packages/channels/routing.py", line 71, in __call__ return await application(scope, receive, send) File "/authentik/root/asgi.py", line 54, in __call__ return await self.app(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/routing.py", line 150, in __call__ return await application( File "/usr/local/lib/python3.10/site-packages/channels/sessions.py", line 47, in __call__ return await self.inner(dict(scope, cookies=cookies), receive, send) File "/usr/local/lib/python3.10/site-packages/channels/sessions.py", line 263, in __call__ return await self.inner(wrapper.scope, receive, wrapper.send) File "/usr/local/lib/python3.10/site-packages/channels/auth.py", line 185, in __call__ return await super().__call__(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/middleware.py", line 26, in __call__ return await self.inner(scope, receive, send) File "/authentik/lib/sentry.py", line 39, in __call__ return await self.inner(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/consumer.py", line 94, in app return await consumer(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/consumer.py", line 58, in __call__ await await_many_dispatch( File "/usr/local/lib/python3.10/site-packages/channels/utils.py", line 58, in await_many_dispatch await task File "/usr/local/lib/python3.10/site-packages/channels/utils.py", line 50, in await_many_dispatch result = task.result() File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 492, in receive message_channel, message = await self.receive_single( File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 547, in receive_single content = await self._brpop_with_clean( File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 380, in _brpop_with_clean async with self.connection(index) as connection: File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 902, in __aenter__ self.conn = await self.pool.pop() File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 93, in pop conn = await self.create_conn(loop) File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 79, in create_conn return await aioredis.create_redis_pool(**kwargs) File "/usr/local/lib/python3.10/site-packages/aioredis/commands/__init__.py", line 188, in create_redis_pool pool = await create_pool(address, db=db, File "/usr/local/lib/python3.10/site-packages/aioredis/pool.py", line 58, in create_pool await pool._fill_free(override_min=False) File "/usr/local/lib/python3.10/site-packages/aioredis/pool.py", line 383, in _fill_free conn = await self._create_new_connection(self._address) File "/usr/local/lib/python3.10/site-packages/aioredis/connection.py", line 133, in create_connection await conn.auth(password) File "/usr/local/lib/python3.10/site-packages/aioredis/util.py", line 52, in wait_ok res = await fut aioredis.errors.ReplyError: WRONGPASS invalid username-password pair or user is disabled. Exception in ASGI application Traceback (most recent call last): File "/usr/local/lib/python3.10/site-packages/uvicorn/protocols/websockets/wsproto_impl.py", line 219, in run_asgi result = await self.app(self.scope, self.receive, self.send) File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/proxy_headers.py", line 75, in __call__ return await self.app(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/message_logger.py", line 82, in __call__ raise exc from None File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/message_logger.py", line 78, in __call__ await self.app(scope, inner_receive, inner_send) File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 115, in _run_asgi3 return await self._run_app(scope, lambda: self.app(scope, receive, send)) File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 162, in _run_app raise exc from None File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 159, in _run_app return await callback() File "/usr/local/lib/python3.10/site-packages/channels/routing.py", line 71, in __call__ return await application(scope, receive, send) File "/authentik/root/asgi.py", line 54, in __call__ return await self.app(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/routing.py", line 150, in __call__ return await application( File "/usr/local/lib/python3.10/site-packages/channels/sessions.py", line 47, in __call__ return await self.inner(dict(scope, cookies=cookies), receive, send) File "/usr/local/lib/python3.10/site-packages/channels/sessions.py", line 263, in __call__ return await self.inner(wrapper.scope, receive, wrapper.send) File "/usr/local/lib/python3.10/site-packages/channels/auth.py", line 185, in __call__ return await super().__call__(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/middleware.py", line 26, in __call__ return await self.inner(scope, receive, send) File "/authentik/lib/sentry.py", line 39, in __call__ return await self.inner(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/consumer.py", line 94, in app return await consumer(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/consumer.py", line 58, in __call__ await await_many_dispatch( File "/usr/local/lib/python3.10/site-packages/channels/utils.py", line 58, in await_many_dispatch await task File "/usr/local/lib/python3.10/site-packages/channels/utils.py", line 50, in await_many_dispatch result = task.result() File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 492, in receive message_channel, message = await self.receive_single( File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 547, in receive_single content = await self._brpop_with_clean( File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 380, in _brpop_with_clean async with self.connection(index) as connection: File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 902, in __aenter__ self.conn = await self.pool.pop() File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 93, in pop conn = await self.create_conn(loop) File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 79, in create_conn return await aioredis.create_redis_pool(**kwargs) File "/usr/local/lib/python3.10/site-packages/aioredis/commands/__init__.py", line 188, in create_redis_pool pool = await create_pool(address, db=db, File "/usr/local/lib/python3.10/site-packages/aioredis/pool.py", line 58, in create_pool await pool._fill_free(override_min=False) File "/usr/local/lib/python3.10/site-packages/aioredis/pool.py", line 383, in _fill_free conn = await self._create_new_connection(self._address) File "/usr/local/lib/python3.10/site-packages/aioredis/connection.py", line 133, in create_connection await conn.auth(password) File "/usr/local/lib/python3.10/site-packages/aioredis/util.py", line 52, in wait_ok res = await fut aioredis.errors.ReplyError: WRONGPASS invalid username-password pair or user is disabled. {"error":"websocket: close 1006 (abnormal closure): unexpected EOF","event":"ws read error","level":"warning","logger":"authentik.outpost.ak-api-controller","loop":"ws-handler","timestamp":"2022-04-16T10:38:52-07:00"} Exception in ASGI application Traceback (most recent call last): File "/usr/local/lib/python3.10/site-packages/uvicorn/protocols/websockets/wsproto_impl.py", line 219, in run_asgi result = await self.app(self.scope, self.receive, self.send) File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/proxy_headers.py", line 75, in __call__ return await self.app(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/message_logger.py", line 82, in __call__ raise exc from None File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/message_logger.py", line 78, in __call__ await self.app(scope, inner_receive, inner_send) File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 115, in _run_asgi3 return await self._run_app(scope, lambda: self.app(scope, receive, send)) File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 162, in _run_app raise exc from None File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 159, in _run_app return await callback() File "/usr/local/lib/python3.10/site-packages/channels/routing.py", line 71, in __call__ return await application(scope, receive, send) File "/authentik/root/asgi.py", line 54, in __call__ return await self.app(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/routing.py", line 150, in __call__ return await application( File "/authentik/lib/sentry.py", line 39, in __call__ return await self.inner(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/consumer.py", line 94, in app return await consumer(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/consumer.py", line 58, in __call__ await await_many_dispatch( File "/usr/local/lib/python3.10/site-packages/channels/utils.py", line 58, in await_many_dispatch await task File "/usr/local/lib/python3.10/site-packages/channels/utils.py", line 50, in await_many_dispatch result = task.result() File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 492, in receive message_channel, message = await self.receive_single( File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 547, in receive_single content = await self._brpop_with_clean( File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 380, in _brpop_with_clean async with self.connection(index) as connection: File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 902, in __aenter__ self.conn = await self.pool.pop() File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 93, in pop conn = await self.create_conn(loop) File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 79, in create_conn return await aioredis.create_redis_pool(**kwargs) File "/usr/local/lib/python3.10/site-packages/aioredis/commands/__init__.py", line 188, in create_redis_pool pool = await create_pool(address, db=db, File "/usr/local/lib/python3.10/site-packages/aioredis/pool.py", line 58, in create_pool await pool._fill_free(override_min=False) File "/usr/local/lib/python3.10/site-packages/aioredis/pool.py", line 383, in _fill_free conn = await self._create_new_connection(self._address) File "/usr/local/lib/python3.10/site-packages/aioredis/connection.py", line 133, in create_connection await conn.auth(password) File "/usr/local/lib/python3.10/site-packages/aioredis/util.py", line 52, in wait_ok res = await fut aioredis.errors.ReplyError: WRONGPASS invalid username-password pair or user is disabled. Exception in ASGI application Traceback (most recent call last): File "/usr/local/lib/python3.10/site-packages/uvicorn/protocols/websockets/wsproto_impl.py", line 219, in run_asgi result = await self.app(self.scope, self.receive, self.send) File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/proxy_headers.py", line 75, in __call__ return await self.app(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/message_logger.py", line 82, in __call__ raise exc from None File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/message_logger.py", line 78, in __call__ await self.app(scope, inner_receive, inner_send) File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 115, in _run_asgi3 return await self._run_app(scope, lambda: self.app(scope, receive, send)) File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 162, in _run_app raise exc from None File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 159, in _run_app return await callback() File "/usr/local/lib/python3.10/site-packages/channels/routing.py", line 71, in __call__ return await application(scope, receive, send) File "/authentik/root/asgi.py", line 54, in __call__ return await self.app(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/routing.py", line 150, in __call__ return await application( File "/usr/local/lib/python3.10/site-packages/channels/sessions.py", line 47, in __call__ return await self.inner(dict(scope, cookies=cookies), receive, send) File "/usr/local/lib/python3.10/site-packages/channels/sessions.py", line 263, in __call__ return await self.inner(wrapper.scope, receive, wrapper.send) File "/usr/local/lib/python3.10/site-packages/channels/auth.py", line 185, in __call__ return await super().__call__(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/middleware.py", line 26, in __call__ return await self.inner(scope, receive, send) File "/authentik/lib/sentry.py", line 39, in __call__ return await self.inner(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/consumer.py", line 94, in app return await consumer(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/consumer.py", line 58, in __call__ await await_many_dispatch( File "/usr/local/lib/python3.10/site-packages/channels/utils.py", line 58, in await_many_dispatch await task File "/usr/local/lib/python3.10/site-packages/channels/utils.py", line 50, in await_many_dispatch result = task.result() File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 492, in receive message_channel, message = await self.receive_single( File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 547, in receive_single content = await self._brpop_with_clean( File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 380, in _brpop_with_clean async with self.connection(index) as connection: File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 902, in __aenter__ self.conn = await self.pool.pop() File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 93, in pop conn = await self.create_conn(loop) File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 79, in create_conn return await aioredis.create_redis_pool(**kwargs) File "/usr/local/lib/python3.10/site-packages/aioredis/commands/__init__.py", line 188, in create_redis_pool pool = await create_pool(address, db=db, File "/usr/local/lib/python3.10/site-packages/aioredis/pool.py", line 58, in create_pool await pool._fill_free(override_min=False) File "/usr/local/lib/python3.10/site-packages/aioredis/pool.py", line 383, in _fill_free conn = await self._create_new_connection(self._address) File "/usr/local/lib/python3.10/site-packages/aioredis/connection.py", line 133, in create_connection await conn.auth(password) File "/usr/local/lib/python3.10/site-packages/aioredis/util.py", line 52, in wait_ok res = await fut aioredis.errors.ReplyError: WRONGPASS invalid username-password pair or user is disabled. Exception in ASGI application Traceback (most recent call last): File "/usr/local/lib/python3.10/site-packages/uvicorn/protocols/websockets/wsproto_impl.py", line 219, in run_asgi result = await self.app(self.scope, self.receive, self.send) File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/proxy_headers.py", line 75, in __call__ return await self.app(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/message_logger.py", line 82, in __call__ raise exc from None File "/usr/local/lib/python3.10/site-packages/uvicorn/middleware/message_logger.py", line 78, in __call__ await self.app(scope, inner_receive, inner_send) File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 115, in _run_asgi3 return await self._run_app(scope, lambda: self.app(scope, receive, send)) File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 162, in _run_app raise exc from None File "/usr/local/lib/python3.10/site-packages/sentry_sdk/integrations/asgi.py", line 159, in _run_app return await callback() File "/usr/local/lib/python3.10/site-packages/channels/routing.py", line 71, in __call__ return await application(scope, receive, send) File "/authentik/root/asgi.py", line 54, in __call__ return await self.app(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/routing.py", line 150, in __call__ return await application( File "/usr/local/lib/python3.10/site-packages/channels/sessions.py", line 47, in __call__ return await self.inner(dict(scope, cookies=cookies), receive, send) File "/usr/local/lib/python3.10/site-packages/channels/sessions.py", line 263, in __call__ return await self.inner(wrapper.scope, receive, wrapper.send) File "/usr/local/lib/python3.10/site-packages/channels/auth.py", line 185, in __call__ return await super().__call__(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/middleware.py", line 26, in __call__ return await self.inner(scope, receive, send) File "/authentik/lib/sentry.py", line 39, in __call__ return await self.inner(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/consumer.py", line 94, in app return await consumer(scope, receive, send) File "/usr/local/lib/python3.10/site-packages/channels/consumer.py", line 58, in __call__ await await_many_dispatch( File "/usr/local/lib/python3.10/site-packages/channels/utils.py", line 58, in await_many_dispatch await task File "/usr/local/lib/python3.10/site-packages/channels/utils.py", line 50, in await_many_dispatch result = task.result() File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 492, in receive message_channel, message = await self.receive_single( File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 547, in receive_single content = await self._brpop_with_clean( File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 380, in _brpop_with_clean async with self.connection(index) as connection: File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 902, in __aenter__ self.conn = await self.pool.pop() File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 93, in pop conn = await self.create_conn(loop) File "/usr/local/lib/python3.10/site-packages/channels_redis/core.py", line 79, in create_conn return await aioredis.create_redis_pool(**kwargs) File "/usr/local/lib/python3.10/site-packages/aioredis/commands/__init__.py", line 188, in create_redis_pool pool = await create_pool(address, db=db, File "/usr/local/lib/python3.10/site-packages/aioredis/pool.py", line 58, in create_pool await pool._fill_free(override_min=False) File "/usr/local/lib/python3.10/site-packages/aioredis/pool.py", line 383, in _fill_free conn = await self._create_new_connection(self._address) File "/usr/local/lib/python3.10/site-packages/aioredis/connection.py", line 133, in create_connection await conn.auth(password) File "/usr/local/lib/python3.10/site-packages/aioredis/util.py", line 52, in wait_ok res = await fut aioredis.errors.ReplyError: WRONGPASS invalid username-password pair or user is disabled.

Version and Deployment (please complete the following information):

Additional context Add any other context about the problem here.

solarssk commented 2 years ago

I configured HA with Authentik via Proxy - so maybe I can help you to connect it. It is very easy :-) My home assistant is installed on VM in Synology NAS.

Show your configuration from configuration.yaml in HA. Do you installed https://github.com/BeryJu/hass-auth-header via HACS?

rezo552 commented 1 year ago

I managed to configure this but the mobile app doesnt seem to work. When Im opening up the application, it renders the authentik portal Im signing in then getting back to HA with the following message: Failed to connect Response could not be decoded because of error: The operation couldnt be completed. ObjectMapper failed to serialize reponse.

Error code: Alamofire.AFError 10

eugene-davis commented 1 year ago

@rezo552 I had the same error, and found I had to login once with the built-in authentication (with redirects on the proxy disabled) and then re-enable the Home Assistant configuration once the app has signed in once normally.

WolfwithSword commented 1 year ago

@eugene-davis Different issue but this is the only workaround that "works". The Android HA app opens the authentik login in the phone's default browser, logs in successfully for me and brings me to HA - but only in the browser. Authentik doesn't callback to the app at all and the HA app hangs unable to login.

Also I have to restart home-assistant with the auth re-enabled while the app is logged in and open, otherwise it doesn't keep. Have to repeat the process each time the built-in login expires.

IOS works fine, just a problem on Android mobile. Authentik doesn't redirect/callback to the app. Works for Nextcloud app though.

benedikt-bartscher commented 1 year ago

Did anyone try messing with Home Assistants Authentication Providers? https://blog.christophermullins.com/2019/09/30/custom-homeassistant-auth-provider/ https://developers.home-assistant.io/docs/auth_auth_provider/#defining-an-auth-provider https://gist.github.com/sidoh/479708a8f5a314075b573a9982e333ec

Neon-44 commented 1 year ago

having the same problem. any updates on this?

ThierryIT commented 10 months ago

same pb too

NeZios commented 10 months ago

Same issue here.

robump commented 7 months ago

Did anyone make any progress with this? Having the exact same issue

BeryJu commented 4 months ago

Issues like these should be reported in the hass-auth-header repo instead of here, as most of the time these issues aren't caused by authentik itself. (For example in the OP the error stacktrace is caused by an incorrect redis password)

ozzinse commented 3 months ago

7

Hi i cannot cofigure HA with authentik My configuration yaml: 

http:
    use_x_forwarded_for: true
    ip_ban_enabled: false
    trusted_proxies:
        - 10.10.10.0/24 # replace X to fit your local devices
auth_header:
    username_header: X-ak-hass-user

Can You help how to doit ?