search

indigo-dc / oidc-agent

oidc-agent for managing OpenID Connect tokens on the command line
MIT License
110 stars 30 forks source link

Segmentation faults after abording (dynamic) client registration #563

Closed XMol closed 7 months ago

XMol commented 7 months ago 
$ oidc-gen wlcg
[1] https://bildungsproxy.aai.dfn.de
[2] https://iam.deep-hybrid-datacloud.eu/
[3] https://aai.egi.eu/auth/realms/egi
[4] https://aai-demo.egi.eu/auth/realms/egi
[5] https://aai-dev.egi.eu/auth/realms/egi
[6] https://login.elixir-czech.org/oidc/
[7] https://b2access.eudat.eu:8443/oauth2
[8] https://iam.extreme-datacloud.eu/
[9] https://accounts.google.com
[10] https://login.helmholtz.de/oauth2
[11] https://login-dev.helmholtz.de/oauth2
[12] https://iam-demo.cloud.cnaf.infn.it/
[13] https://iam-test.indigo-datacloud.eu/
[14] https://oidc.scc.kit.edu/auth/realms/kit
[15] https://auth.didmos.nfdi-aai.de
[16] https://regapp.nfdi-aai.de/oidc/realms/nfdi_demo
[17] https://wlcg.cloud.cnaf.infn.it/
[18] https://alice-auth.web.cern.ch/
[19] https://atlas-auth.web.cern.ch/
[20] https://cms-auth.web.cern.ch/
[21] https://lhcb-auth.web.cern.ch/
Issuer [https://wlcg.cloud.cnaf.infn.it/]: 19
The following scopes are supported: openid profile email address phone offline_access eduperson_scoped_affiliation eduperson_entitlement wlcg.groups wlcg eduperson_assurance entitlements
Scopes or 'max' (space separated) [openid profile offline_access]: max
Registering Client ...
Generating account configuration ...
accepted

Using a browser on any device, visit:
https://atlas-auth.web.cern.ch/device

And enter the code: TYMCKK
Alternatively you can use the following QR code to visit the above listed URL.
[QR code]

<ctrl-c abort>

$ oidc-gen -l
Segmentation fault

I assume that is caused by the temporary file left behind?

$ oidc-gen wlcg
Found temporary file for this shortname. Do you want to use it? [Yes/no/quit]: quit
zachmann commented 7 months ago

The segmentation fault is not linked to the temporary file (actually this is not even a true file, it only existing in the agent's memory).

The segmentation fault only occurs when the oidc-agent dir is empty. I have a fix ready.

XMol commented 7 months ago

Hi Gabriel,

I can confirm that the local oidc-agent directory is empty.

$ cat .oidc-agent/issuer.config
[]

Sorry in case I reported an issue you were aware of already.

Ciao,
Xavier.

zachmann commented 7 months ago

No I wasn't aware of it; just a precious educated guess where the problem was.