cloudflared icon indicating copy to clipboard operation
cloudflared copied to clipboard
verified publisher icon cloudflare

🐛`cloudflared access login` works but returns timeout error

Open Wardrop opened this issue 3 years ago • 3 comments

Describe the bug When using cloudflared access login <service-domain> to authenticate on a client, after successfully opening up a browser window for authentication (if token isn't already cached), it returns the following error instead of displaying the token. Despite the error, the token is successfully received and the tunnel can be established.

2022-08-23T00:52:48Z ERR Could not verify token error="Get \"https://test-gateway.xxxx.com\": context deadline exceeded (Client.Timeout exceeded while awaiting headers)"

To Reproduce Steps to reproduce the behavior:

  1. Create tunnel endpoint on a server (configure via command line or web UI)
  2. Create and configure application in Cloudflare Zero web portal
  3. Attempt to authenticate using cloudflared access login <service-domain>

If it's an issue with Cloudflare Tunnel: 4. Tunnel ID: 6a27afe6-987e-4c35-abd3-0b35eb813223 5. cloudflared config: ?

Expected behavior The command cloudflared access login <service-domain> should return the token and shouldn't be displaying an error.

Environment and versions

  • OS: Windows 11
  • Architecture: Intel x64
  • Version: 2022.8.2

Additional context If I restart the tunnel service/daemon on the server end and try authenticating on the client, it works as expected for about 10 seconds but then starts spitting out the error again. I believe it may be a problem on the server-end but I have no idea how to troubleshoot it.

Wardrop avatar Aug 23 '22 01:08 Wardrop

Are you able to access the site by temporary disabling cloudflare access?

iAmSaugata avatar Sep 07 '22 16:09 iAmSaugata

Are you able to access the site by temporary disabling cloudflare access?

As mentioned, it works regardless and does actually seem to be successfully authenticating, it's just throwing a misleading error. The error makes it seem like it hasn't worked when in fact it has. This is confusing for end users, hence this bug report.

Wardrop avatar Nov 03 '22 23:11 Wardrop

Just to confirm, this still occurs. Everything works, except this error shows. I'm trying to programatically connect so this fake error is a problem as I can't reliably determine whether the authentication has been successful or not.

2022-11-07T01:32:25Z ERR Could not verify token error="Get \"https://rdgateway.xxx.xxx\": context deadline exceeded (Client.Timeout exceeded while awaiting headers)"

If I stop the service on the tunnel server, it returns the token without an error. I've recreated the tunnel, I've tried a different server. If someone could just try to recreate the issue on their end and let me know how they go, that may at least give me a hint that it must be specific to my environment.

Does this not happen to anyone else when authenticating using the command cloudflared access login <service-domain>?

Wardrop avatar Nov 07 '22 01:11 Wardrop

I notice in more recent releases, instead of getting the timeout error, it just sits there and the executable never exits. I depend on the this command to behave consistantly for the client application our staff use for remote desktop. How am I meant to know if the user has successfully authenticated or not if the command never returns anything and never exits? Same thing happens regardless of whether the user is already authenticated or not. Exrcutable continues to run and never exits.

To work around this I'm going to have to loop cloudflared.exe access token --app <app> in another thread until it returns to the token. It's making something that should be really simple into something quite cumbersone.

Wardrop avatar Apr 27 '23 04:04 Wardrop