blackbox_exporter icon indicating copy to clipboard operation
blackbox_exporter copied to clipboard

Published 20 hours ago verified publisher icon prometheus

OAuth2 not working?

Open mapshen opened this issue 2 years ago • 3 comments

As per https://github.com/prometheus/blackbox_exporter/pull/784/files#diff-fe44f09c4d5977b5f5eaea29170b6a0748819c9d02271746a20d81a5f3efca17, OAuth2 support was released in 0.19.0. However, I couldn't find any relevant code in the code base. Is it expected to work? If so, it would be great if there is a sample config. Thanks!

mapshen avatar Jan 10 '22 22:01 mapshen

Maybe this could help. Add module something like that. We use keycloak as IDP with client settings serviceAccount enabled

             http_2xx_oauth:
                prober: http
                timeout: 5s
                http:
                  valid_http_versions: ["HTTP/1.1", "HTTP/2.0"]
                  follow_redirects: true
                  preferred_ip_protocol: "ip4"
                  valid_status_codes:
                    - 200
                  oauth2:
                    client_id: blackbox
                    client_secret: mysecret
                    scopes:
                    - email
                    token_url: "https://{{.Values.hostname}}.blub.de/auth/realms/bla/protocol/openid-connect/token"
                    endpoint_params:
                      grant_type: client_credentials

1337andre avatar Jun 22 '22 06:06 1337andre

Hello blackbox 0.22.0 is perfectly deployed : the probe: http://bbox-exporter.xxx.xxx/probe?target=https://api.xxx.xxx/actuator/health&module=http_aouth_prod is always 0! other probe with other module return 1 OK!

le module with Aouth :

 http_aouth_prod:
    prober: http
    http:
      valid_http_versions: ["HTTP/1.1", "HTTP/2"]
      preferred_ip_protocol: "ip4"
      valid_status_codes:
        - 200
      follow_redirects: true
      oauth2:
        client_id: "xyz"
        client_secret: "xxxxx"
        token_url: "https://xxx/v2/token"
        endpoint_params:
          grant_type: "client_credentials"

i test the api with postman so it's nickel! is it related to the note in the doc https://github.com/prometheus/blackbox_exporter/blob/master/CONFIGURATION.md ?:

NOTE: This is experimental in the blackbox exporter and might not be reflected properly in the probe metrics at the moment.

need help plz Thank you :)

Develoman avatar Sep 21 '22 15:09 Develoman

Hi @roidelapluie When i debug the probe :

level=error msg="Error for HTTP request" err="Get \"https://xx.xx.xx.xx/?q=xyz\": Post \"https://yy.yy.yy.yy/v2/token\": dial tcp yy.yy.yy.yy:443: connect: connection refused"

the config:

http_aouth_prod:
    prober: http
    http:
      preferred_ip_protocol: "ip4"
      valid_status_codes:
        - 200
        - 201
      follow_redirects: true
      oauth2:
        client_id: "xyz"
        client_secret: "xxxxx"
        token_url: "https://yy.yy.yy.yy/v2/token"
        endpoint_params:
          grant_type: "client_credentials"
      tls_config:
        insecure_skip_verify: true

Any idea!? Thank you

Develoman avatar Oct 05 '22 07:10 Develoman