plugin-oauth2 icon indicating copy to clipboard operation
plugin-oauth2 copied to clipboard

Published 20 hours ago verified publisher icon kanboard

External authentication failed

Open Electromaster232 opened this issue 2 years ago • 4 comments
trafficstars

Actual behaviour

Error shown "External authentication failed"

Expected behaviour

User is logged in

Steps to reproduce

OAuth2 is configured with our corporate IdP, Authentik. All that is needed to trigger the error is to configure the provider and then attempt to login. No other information is provided besides the error and I am unsure how to debug this issue.

Configuration

  • Plugin version: 1.0.2
  • Kanboard version: 1.2.27
  • Database type and version: MySQL 10.3.34-MariaDB-log-cll-lve
  • PHP version: 7.4.29
  • OS: Linux 4.18.0-348.20.1.lve.1.el7h.x86_64
  • Browser: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36

Attached you will find logs with debug mode activated kanboardlogs.txt

Electromaster232 avatar Mar 27 '23 17:03 Electromaster232

Also getting this error although I have different logs Using keycloak I get the error message Warning: Trying to access array offset on null in /var/www/app/app/Core/User/UserProfile.php on line 56 when trying to log in

I also have the following in my kanboard logs

PHP message: PHP Warning:  Trying to access array offset on null in /var/www/app/app/Core/User/UserProfile.php on line 56"
PHP message: Kanboard: user Unknown authentication failure with IP address: <IP address>"
2023/12/21 19:16:55 [error] 15#15: *201 FastCGI sent in stderr: "PHP message: PHP Warning:  Trying to access array offset on null in /var/www/app/app/Core/User/UserProfile.php on line 56; PHP message: Kanboard: user Unknown authentication failure with IP address: 185.209.196.228" while reading response header from upstream, client: 172.18.0.1, server: localhost, request: "GET /oauth/callback?state=<token> HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "<mydomain>"

I looked at the code and this seems to be related to LDAP group sync. I tried setting LDAP_GROUP_SYNC to false but the error stil lhappens

I have no group key and group filter configured in the oauth settings

uniqueNullptr2 avatar Dec 21 '23 19:12 uniqueNullptr2

I have the same problem and error authenticating with EntraID

Trapulo avatar Apr 03 '24 14:04 Trapulo

I solved fixing user API url as "https://graph.microsoft.com/v1.0/me", not as described in plugin's doc

Trapulo avatar Apr 03 '24 14:04 Trapulo