supermarket
supermarket copied to clipboard
Open Resty oc_id error when redirected to chef server
I'm running chef-server-core 12.1.2 and supermarket 1.12.0-alpha.0
https://supermarket.internalcompany.com/sign-in redirects me to https://chef.internalcompany.com/id/oauth/authorize?client_id=3b4d28436d2702606b65f0d568957a777815ee956e06d0e50c926bf142fe4852&redirect_uri=https%3A%2F%2Fsupermarket.internalcompany.com%2Fauth%2Fchef_oauth2%2Fcallback&response_type=code&state=ee950496273c964c24e7d9c2fee2f017150f14cee821372e
Which gives a 502 Bad Gateway openresty/1.7.10.1 error.
What should I do to track down the error?
[root@chef ~]# cat /etc/opscode/chef-server.rb
oc_id['applications'] = {
'supermarket' => {
'redirect_uri' => 'https://supermarket.internalcompany.com/auth/chef_oauth2/callback'
}
}
[root@chef ~]# cat /etc/opscode/oc-id-applications/supermarket.json
{
"name": "supermarket",
"uid": "3b4d28436d2702606b65f0d568957a777815ee956e06d0e50c926bf142fe4852",
"secret": "ZZZf938b281XXXXeee7b3467YYY",
"redirect_uri": "https://supermarket.internalcompany.com/auth/chef_oauth2/callback"
}
[root@supermarket ~]$ cat /etc/supermarket/supermarket.json
{
"github_key": "KEYBAR",
"github_secret": "FOBARBAZ",
"chef_server_url": "https://chef.internalcompany.com",
"chef_oauth2_url": "https://chef.internalcompany.com",
"chef_oauth2_app_id": "3b4d28436d2702606b65f0d568957a777815ee956e06d0e50c926bf142fe4852",
"chef_oauth2_secret": "FOOBARBAZ",
"chef_oauth2_verify_ssl": false
}
That is very likely due to a known bug with oc-id and IPv6.
Could you run this command on your chef server (not your supermarket server)? $ss -ontap | grep 9090
And check out whether it is bound to ::1 rather than 127.0.0.1?
If it is, you can either
- remove the localhost entry for the IPv6 address
- (this is what I would recommend) You can set oc_id['vip'] = 'localhost' in your chef-server.rb then run chef-server-ctl reconfigure
Please let me know if this helps!
Here's a full write up of the work around :)
https://gist.github.com/nellshamrell/c4236446b41943a5ea41
Closing this for now, let us know if the problem persists.
I have the 502 bad gateway error for my supermarket-chef server integration. When I click sign in on supermarket page, it goes to chef server and displays the error.
ss -ontap | grep 9090
ESTAB 0 0 127.0.0.1:11002 127.0.0.1:49090
ESTAB 0 0 127.0.0.1:49090 127.0.0.1:11002
Any idea how to fix this error?
Reopening this so we can take a look :)
Hi @snowtigger - what version of Chef server and what version of Supermarket are you running?