netbirdio / netbird

Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.
https://netbird.io
BSD 3-Clause "New" or "Revised" License

Netbird - No Identity Providers work! Keycloak - Login Error: User state: Unauthenticated #1715

Open luckylinux opened 5 months ago

luckylinux commented 5 months ago

Describe the problem After trying to get Netbird Self Hosted with Authentik and getting weird errors (https://github.com/netbirdio/netbird/issues/1684) and no help so far, I decided to give a try to:

Nothing can be extracted from the logs of keycloak nor netbird-management Docker Container.

Looking at https://github.com/netbirdio/netbird/issues/1590, I am also running into the "CORS Missing Allow Origin".

To Reproduce

  1. Setup Keycloak and Netbird according to the current version of https://docs.netbird.io/selfhosted/identity-providers#keycloak, both running behind Traefik Reverse Proxy with Letsencrypt provided TLS Certificates.
  2. Visit https://netbird.MYDOMAIN.TLD
  3. Get Login Error: User state: Unauthenticated

Expected behavior

Netbird working correctly.

Are you using NetBird Cloud?

Netbird self-hosted.

NetBird version

netbird version

NetBird status -d output:

Not sure how to do this:

Screenshots

Additional context

Environment same as in https://github.com/netbirdio/netbird/issues/1684 (Podman 4.9.3).

mlsmaycon commented 5 months ago

Hello @luckylinux, can you share logs from the following containers:

dashboard:

docker compose logs dashboard

management

docker compose logs management

Can you also share the content of your setup.env? You can mask your domain names and client IDs, just make sure you are using the same masking value for the same real values.

luckylinux commented 5 months ago

Sure @mlsmaycon

I had to adjust the command a bit, though, since I am using Podman and not Docker ...

podman logs netbird-dashboard

podman_logs_netbird-dashboard.log

podman logs netbird-management

podman_logs_netbird-management.log

setup.env setup.env.txt

Zaryu commented 4 months ago

Are there any news on this? Also unauthenticated running via keycloak. Also getting the same CORS error as above. All set up like in the documentation mentioned above.

    content.js:364 getEmbedInfo
    content.js:425 OEMBED https://netbird.MYDOMAIN.tld/?state=EmabodHrAU&session_state=bf19a860-aa59-40d2-847a-6e70c172b05b&iss=https%3A%2F%2Fauth.MYDOMAIN.tld%2Frealms%2FMYREALM&code=fe9d32ef-9d35-4c23-8350-598ac78cf784.bf19a860-aa59-40d2-847a-6e70c172b05b.b7a2ec9a-1fc9-4850-a12c-d5ee66d01aff#callback
    2731-e746de7d02695f25.js:1 Checking to see if there is an authorization response to be delivered.
    2731-e746de7d02695f25.js:1 Potential authorization request  https://netbird.MYDOMAIN.tld/ Object EmabodHrAU fe9d32ef-9d35-4c23-8350-598ac78cf784.bf19a860-aa59-40d2-847a-6e70c172b05b.b7a2ec9a-1fc9-4850-a12c-d5ee66d01aff undefined
    2731-e746de7d02695f25.js:1 Delivering authorization response
    /?state=EmabodHrAU&session_state=bf19a860-aa59-40d2-847a-6e70c172b05b&iss=https%3A%2F%2Fauth.MYDOMAIN.tld%2Frealms%2FMYREALM&code=fe9d32ef-9d35-4c23-8350-598ac78cf784.bf19a860-aa59-40d2-847a-6e70c172b05b.b7a2ec9a-1fc9-4850-a12c-d5ee66d01aff#callback:1 Access to fetch at 'https://auth.MYDOMAIN.tld/realms/MYREALM/protocol/openid-connect/token' from origin 'https://netbird.MYDOMAIN.tld' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
    auth.MYDOMAIN.tld/realms/MYREALM/protocol/openid-connect/token:1 Failed to load resource: net::ERR_FAILED
    2731-e746de7d02695f25.js:1 Uncaught (in promise) TypeError: Failed to fetch
        at FetchRequestor.xhr (2731-e746de7d02695f25.js:1:82495)
        at BaseTokenRequestHandler.performTokenRequest (2731-e746de7d02695f25.js:1:79114)
        at AuthorizationNotifier.listener (2731-e746de7d02695f25.js:1:56541)
        at AuthorizationNotifier.onAuthorizationComplete (2731-e746de7d02695f25.js:1:65206)
        at 2731-e746de7d02695f25.js:1:66271
Zaryu commented 3 months ago

My problem is solved. The issue was that the user somehow didn't have the default-roles-apps role, and with that no uma_authorization and no offline_access roles. Put the role back and it works.
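The thread turns on two separate things: the browser console in Zaryu's comment shows the dashboard SPA being refused by CORS when it calls the Keycloak token endpoint, and the final comment shows a user who was missing the realm roles (offline_access, uma_authorization, normally inherited from the composite default-roles-<realm> role). The script below is an added example for checking both, not NetBird's or Keycloak's own code. The Keycloak endpoints it calls are the standard token endpoint and admin REST paths; the hostnames, realm name, client id and the sample replies and role lists are constructed placeholders (assumptions), so the decision logic runs offline while the live helpers can be pointed at a real deployment.

```python
"""Checks for the two failure modes in this thread: a NetBird dashboard
(browser SPA at https://netbird.MYDOMAIN.tld) refused by CORS at the Keycloak
token endpoint, and a user lacking the realm roles NetBird relies on.
Added example, not NetBird or Keycloak code; hostnames, realm and client id
are placeholders (assumptions)."""
import json
import urllib.error
import urllib.parse
import urllib.request

# Realm roles NetBird relies on; Keycloak normally grants both through the
# composite role default-roles-<realm> that every new user receives.
REQUIRED_REALM_ROLES = ("offline_access", "uma_authorization")


def cors_allows_origin(headers, origin):
    """Decide, as the browser does, whether `origin` may read the response:
    Access-Control-Allow-Origin must be present and be either '*' or exactly
    the requesting origin (scheme + host + port)."""
    lowered = {k.lower(): v for k, v in headers.items()}
    allowed = lowered.get("access-control-allow-origin")
    return allowed is not None and allowed in ("*", origin)


def probe_token_endpoint(issuer, client_id, origin, redirect_uri):
    """Live helper: send the same kind of POST the dashboard sends, with an
    Origin header and a deliberately bogus code. Keycloak rejects the grant,
    but the CORS headers on that reply are governed by the client's
    'Web Origins' setting, which is what the browser enforces. Returns the
    reply headers. (A plain OPTIONS preflight is not a reliable test:
    Keycloak answers it before it knows which client is asking.)"""
    body = urllib.parse.urlencode({
        "grant_type": "authorization_code",
        "client_id": client_id,
        "code": "not-a-real-code",          # constructed; any value works
        "redirect_uri": redirect_uri,
    }).encode()
    req = urllib.request.Request(
        f"{issuer}/protocol/openid-connect/token", data=body, method="POST",
        headers={"Origin": origin,
                 "Content-Type": "application/x-www-form-urlencoded"})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return dict(resp.headers)
    except urllib.error.HTTPError as err:      # 400 invalid_grant is expected
        return dict(err.headers)


def missing_realm_roles(effective_roles, realm):
    """effective_roles: role objects as returned by the Keycloak admin API
    GET /admin/realms/{realm}/users/{id}/role-mappings/realm/composite
    (direct roles plus those inherited through composites). Returns the
    required names the user lacks, and whether default-roles-<realm> is
    present at all."""
    names = {r["name"] for r in effective_roles}
    missing = [r for r in REQUIRED_REALM_ROLES if r not in names]
    return missing, f"default-roles-{realm}" in names


def fetch_effective_roles(base_url, realm, admin_token, username):
    """Live helper: look the user up, then fetch their effective realm roles."""
    def get(path):
        req = urllib.request.Request(
            base_url + path, headers={"Authorization": f"Bearer {admin_token}"})
        with urllib.request.urlopen(req, timeout=10) as resp:
            return json.load(resp)
    users = get(f"/admin/realms/{realm}/users?username="
                f"{urllib.parse.quote(username)}&exact=true")
    if not users:
        raise LookupError(f"no user {username!r} in realm {realm!r}")
    return get(f"/admin/realms/{realm}/users/{users[0]['id']}"
               "/role-mappings/realm/composite")


# --- constructed samples, so the decision logic runs offline --------------
DASHBOARD_ORIGIN = "https://netbird.MYDOMAIN.tld"
# Reply shape when the client's Web Origins does not list the dashboard:
REPLY_NO_CORS = {"Content-Type": "application/json", "Cache-Control": "no-store"}
# Reply shape once Web Origins contains the dashboard origin (or "+"):
REPLY_WITH_CORS = dict(REPLY_NO_CORS, **{"Access-Control-Allow-Origin": DASHBOARD_ORIGIN})
# A user whose default-roles composite was removed (only a custom role left):
ROLES_BROKEN_USER = [{"name": "netbird-user"}]
# A normal user: the composite plus the roles inherited from it:
ROLES_OK_USER = [{"name": "default-roles-myrealm"}, {"name": "offline_access"},
                 {"name": "uma_authorization"}, {"name": "netbird-user"}]

if __name__ == "__main__":
    print("CORS ok (broken client):", cors_allows_origin(REPLY_NO_CORS, DASHBOARD_ORIGIN))
    print("CORS ok (fixed client): ", cors_allows_origin(REPLY_WITH_CORS, DASHBOARD_ORIGIN))
    print("missing roles (broken): ", missing_realm_roles(ROLES_BROKEN_USER, "myrealm"))
    print("missing roles (ok):     ", missing_realm_roles(ROLES_OK_USER, "myrealm"))
```

To use it against a real deployment, call `probe_token_endpoint("https://auth.MYDOMAIN.tld/realms/MYREALM", "<netbird client id>", DASHBOARD_ORIGIN, DASHBOARD_ORIGIN + "/")` and pass the returned headers to `cors_allows_origin`; a missing header means the dashboard origin is not in the client's Web Origins, which is exactly the browser error above. For the role check, obtain an admin token (for example with the admin-cli client), call `fetch_effective_roles`, and feed the result to `missing_realm_roles`; an empty missing list with the default-roles composite present is the state the last comment restored.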