Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OAuth2 SSO Login Broken #264

Closed
legoguy1000 opened this issue Apr 8, 2020 · 0 comments
Closed

OAuth2 SSO Login Broken #264

legoguy1000 opened this issue Apr 8, 2020 · 0 comments
Labels
bug
Milestone
3.1.0-RC1

Comments

@legoguy1000
Copy link

Request Type

Bug

Work Environment

Question Answer
OS version (server) Redhat
OS version (client) 7
Cortex version / git hash 3.0.0
Package Type Docker
Browser type & version Chome (latest)

Problem Description

I am setting up SSO login using OAuth2. I am using Keycloak as my IdP. When Cortex tries to exchange a code for a token, Keycloak returns a 400 Bad Request.

[error] o.t.c.s.OAuth2Srv - unexpected response from server: 400 <html><head><title>Error</title></head><body>Bad Request</body></html> [error] o.e.s.a.MultiAuthSrv - Authentication failure org.elastic4play.AuthenticationError: unexpected response from server

Steps to Reproduce

  1. Configure SSO and OAuth2 with Keycloak as the IdP
  2. Try to login

Possible Solutions

From my testing this line appears to be the problem, https://github.com/TheHive-Project/Cortex/blob/master/app/org/thp/cortex/services/OAuth2Srv.scala#L83. I have Hive SSO working and this is the only difference that I can see. Furthermore, when i use postman to send a POST request to the token endpoint with the "Accept: code" header, i get the 400 error. When I remove the Accept header, i receive the proper response.
@legoguy1000 legoguy1000 changed the title SSO Login Broken OAuth2 SSO Login Broken Apr 8, 2020
@nadouani nadouani added the bug label May 29, 2020
@nadouani nadouani added this to the 3.1.0-RC1 milestone May 29, 2020
To-om added a commit that referenced this issue Aug 12, 2020
@To-om
#264 OAuth2 refactoring
b4836af
@To-om To-om closed this as completed Aug 12, 2020
To-om added a commit that referenced this issue Aug 12, 2020
@To-om
#264 Update login page to use ssoLogin api
b1836de
To-om added a commit that referenced this issue Aug 13, 2020
@To-om
#264 Update application.sample
00d69ca
nadouani added a commit that referenced this issue Oct 28, 2020
@nadouani
#264 Fix OAuth scope config type
1cf82e6
nadouani added a commit that referenced this issue Oct 28, 2020
@nadouani
#264 Lower case user login on oauth
619b28a
nadouani added a commit that referenced this issue Oct 28, 2020
@nadouani
#264 Restyle the login page
4e39164
To-om pushed a commit that referenced this issue Oct 28, 2020
@nadouani @To-om
#264 Fix OAuth scope config type
70dcf09
To-om pushed a commit that referenced this issue Oct 28, 2020
@nadouani @To-om
#264 Lower case user login on oauth
425ed6e
To-om pushed a commit that referenced this issue Oct 28, 2020
@nadouani @To-om
#264 Restyle the login page
39cd9cf
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
3.1.0-RC1
Development

No branches or pull requests
3 participants
@nadouani @legoguy1000 @To-om