warp-tech / warpgate

Smart SSH, HTTPS and MySQL bastion that requires no additional client-side software
Apache License 2.0

With a self-hosted oidc server, no error logs are reported and the browser returns status code 404 #1074

Open vitaaaaa1 opened 2 days ago

vitaaaaa1 commented 2 days ago

Hello everyone, I tried to configure OIDC. However, after I clicked on OIDC to log in, the browser and the program log did not respond. The status codes in the browser console:

https://warpgate.com:8888/@warpgate/api/sso/providers/oidc-custom/start
# 500 Internal Server Error
https://warpgate.com:8888/@warpgate/api/auth/state
# 404 Not Found

Other than that, there are no error messages. My OIDC provider is Authentik, and this is my program configuration file:

- name: oidc-custom
  label: Custom SSO
  provider:
    type: custom
    client_id: xxx
    client_secret: xxxx
    issuer_url: https://authentik.xxx.com/application/o/warpgate/.well-known/openid-configuration
    scopes:
      - email
      - openid

This is my OIDC provider information:

OpenID Configuration URL 
https://authentik.xxx.com/application/o/warpgate/.well-known/openid-configuration
OpenID Configuration Issuer
https://authentik.xxx.com/application/o/warpgate/
Authorize URL
https://authentik.xxx.com/application/o/authorize/
Redirect URIs
https://warpgate.com:8888/@warpgate/api/sso/return

Can someone help me?

Eugeny commented 2 days ago

Try using the URL without the /.well-known/openid-configuration suffix and if that doesn't help, run Warpgate with --debug and grab the output when trying to log in.

vitaaaaa1 commented 2 days ago

--debug: I'm using docker compose to start my application. Where should I add the debug parameter?

version: '3'
services:
  warpgate:
    image: ghcr.io/warp-tech/warpgate
    ports:
      - 2222:2222
      - 8888:8888
      - 33306:33306
    volumes:
      - ./data:/data
    stdin_open: true
    tty: true

Eugeny commented 2 days ago

Add the command like this:

version: '3'
services:
  warpgate:
    image: ghcr.io/warp-tech/warpgate
    ports:
      - 2222:2222
      - 8888:8888
      - 33306:33306
    volumes:
      - ./data:/data
    stdin_open: true
    tty: true
    command: ['--debug', 'run']

vitaaaaa1 commented 1 day ago

- name: oidc-custom
  label: Custom SSO
  provider:
    type: custom
    client_id: xxx
    client_secret: xxx
    issuer_url: https://authentik.com
    scopes:
      - email
      - openid

Brother, thank you, but the log is still not responding. When I click the OIDC authentication button in the browser, there is still no response.

vitaaaaa1 commented 1 day ago

Other programs that configure OIDC require more parameters than issuer_url, such as token_url, userdata_url and oauth_callback_url. Am I missing any parameters? I don't see any other parameters that need to be configured on the official website.

Eugeny commented 1 day ago

Surely you're getting some output?

[Screenshot 2024-09-30 at 12 22 04]

vitaaaaa1 commented 1 day ago

root@test-sys-lab-05:~/wargate/data# docker compose up 
WARN[0000] /root/wargate/docker-compose.yml: `version` is obsolete 
[+] Running 1/0
 ✔ Container wargate-warpgate-1  Created                                                                                                                                                              0.0s 
Attaching to warpgate-1
warpgate-1  | 10:30:45  INFO Warpgate version=0.10.2
warpgate-1  | 10:30:45  INFO Using config: "/data/warpgate.yaml"
warpgate-1  | 10:30:45  INFO --------------------------------------------
warpgate-1  | 10:30:45  INFO Warpgate is now running.
warpgate-1  | 10:30:45  INFO Accepting SSH connections on 0.0.0.0:2222
warpgate-1  | 10:30:45  INFO Accepting HTTP connections on https://0.0.0.0:8888
warpgate-1  | 10:30:45  INFO Accepting MySQL connections on 0.0.0.0:33306
warpgate-1  | 10:30:45  INFO --------------------------------------------
warpgate-1  | 10:30:45 DEBUG Database cleaned up, next in 60480s
warpgate-1  | 10:30:45  INFO Listening address=0.0.0.0:2222
warpgate-1  | 10:30:45  INFO Listening address=0.0.0.0:8888

docker ps --no-trunc
d3a81f0efca202605f80b30431f4fc32ad0fd96ce0acb84fe6d24fbb5cee9950   ghcr.io/warp-tech/warpgate   "warpgate --config /data/warpgate.yaml --debug run"   7 hours ago   Up 56 seconds                0.0.0.0:2222->2222/tcp, :::2222->2222/tcp, 0.0.0.0:8888->8888/tcp, :::8888->8888/tcp, 0.0.0.0:33306->33306/tcp, :::33306->33306/tcp   wargate-warpgate-1

Eugeny commented 1 day ago

Now try doing an OIDC login and see what gets logged
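
The issuer_url advice and the question about token_url-style parameters in this thread both come down to OIDC discovery, so here is an offline check of the three issuer_url values tried above. It is an added example, not part of the original thread and not Warpgate code. It assumes a client that follows OpenID Connect Discovery 1.0 strictly (whether Warpgate applies exactly these checks is an assumption), and the token_endpoint and jwks_uri values in the sample document are constructed placeholders.

```python
import json

WELL_KNOWN = "/.well-known/openid-configuration"
# Endpoints a client reads from the discovery document instead of from config.
REQUIRED = ("authorization_endpoint", "token_endpoint", "jwks_uri")

# Constructed sample discovery document. issuer and authorization_endpoint are
# the values posted in the thread; token_endpoint and jwks_uri are placeholders.
SAMPLE_METADATA = json.loads("""
{
  "issuer": "https://authentik.xxx.com/application/o/warpgate/",
  "authorization_endpoint": "https://authentik.xxx.com/application/o/authorize/",
  "token_endpoint": "https://authentik.xxx.com/placeholder/token/",
  "jwks_uri": "https://authentik.xxx.com/placeholder/jwks/"
}
""")


def discovery_url(issuer_url):
    """URL a Discovery 1.0 client fetches: trailing '/' removed, suffix appended."""
    return issuer_url.rstrip("/") + WELL_KNOWN


def check_issuer(issuer_url, metadata):
    """Return a list of problems with issuer_url, judged against the metadata."""
    problems = []
    if issuer_url.rstrip("/").endswith(WELL_KNOWN):
        problems.append("issuer_url already ends in the discovery suffix, so the "
                        "client would request " + discovery_url(issuer_url))
    advertised = metadata.get("issuer")
    if advertised != issuer_url:
        # Discovery 1.0 requires an exact string match, trailing slash included.
        problems.append(f"issuer mismatch: configured {issuer_url!r}, "
                        f"provider advertises {advertised!r}")
    missing = [f for f in REQUIRED if f not in metadata]
    if missing:
        problems.append("metadata lacks: " + ", ".join(missing))
    return problems


if __name__ == "__main__":
    for candidate in (
        "https://authentik.xxx.com/application/o/warpgate/.well-known/openid-configuration",
        "https://authentik.com",
        "https://authentik.xxx.com/application/o/warpgate/",
    ):
        print(candidate)
        for problem in check_issuer(candidate, SAMPLE_METADATA) or ["ok"]:
            print("   ", problem)
```

To check a real provider, save its discovery document to a file and pass the parsed JSON in place of SAMPLE_METADATA.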