Closed lao8n closed 1 year ago
google login in works but doesn't show login screen - not sure if that is working...
key trick was to add secret separately and refer to it
and to add some allowed token audiences
not sure exactly which matter
same problem again - perhaps because something is getting wiped everytime i re-push with github action
despite adding secret via google and everything being the same as above the login still isn't working
so i've tried setting
where the secret is defined as
so i tried using inprivate mode and the issue seems to be the cache
i think this confirms that this approach to referencing a secret is valid however as i got to the login screen and only the redirect failed. i'm not sure what is wrongw ith the redirect
https://github.com/Azure/azure-dev/issues/2479 thinking of giving up on key vault secrets entirely and instead pass the secret into the container directly
trying a few new approaches
{
"id": "/subscriptions/98d3a17a-a631-4a58-85f7-db2d9a7abae6/resourceGroups/rg-cnstlltn-prod/providers/Microsoft.App/containerApps/ca-web-4a73yskoiju2e",
"name": "ca-web-4a73yskoiju2e",
"type": "Microsoft.App/containerApps",
"location": "eastus",
"tags": {
"azd-env-name": "cnstlltn-prod",
"azd-service-name": "web"
}
},
only set these in google following instructions
i.e. correct setup should be (although it isn't working)
tehcnically i think the /.auth/me stuff never worked so it's just that the setting the true worked but that is different
maybe the answer is i shouldn't use /.auth/me at all on the front end
and instead access the information on the backend and use that userid etc. that way
so to be fair in this the microsoft tutorial it never mentions querying /.auth/me
i think i hsould do do it in the bakcend using the x-ms-client-prinicpal-id thing isntead - turns out i was barking up the wrong tree the whole time - i have screenshots of all the key variables so yeah looks okay
so worryingly it looked like i lost the authentication again (although not the secret) i think this is okay because for a while iw as mainly deleting the container apps and their environment because i didn't realise the thing i needed to stop was the deployment not the actually containers - i think that now i've added it back it will stay there - we'll see if i'm wrong i did have to updat ethe name of the app domain as well although i think this is a one off there basically isn't a good reason to go deleting instances really hmm because i switched from 2023-04-01-preview (check this) to 2022-11-01-preview i had to comment out the service binds - not sure what they are and if they are relevant umm if i'm feeling brave mabye i'll try adding them back but it's been so long since iv'e had a working deployment i'll wait a bit beofre updating - it's possible that is the reason but i think the main reason is i just deleted and as far as i know there is no way to add authentication via bicep you have to do it in the portal
also it doesn't load the constellation page
and when it does the user hasn't logged in