Sylvain Rabot

Time machine backups over Tailscale 🤤

Hi there, Is anyone interested on working on this ? I'd do it myslef unfortunately I have no experience with Redis nor SSO knowledge. Regards.

Just leaving a message of encouragement because I'm really looking forward this 👍

@sporkmonger If you move forward with @katzdm reviews I'll will be happy to test it in my organization. Cheers.

Wonderful!

@sporkmonger Do you think it's ready to be tested ? I could give it a go tomorrow.

I've this error: ``` {"error":"unimplemented provider: \"azure\"","level":"error","msg":"","service":"sso-authenticator","time":"2019-02-07 10:45:08.2710"} {"error":"unimplemented provider: \"azure\"","level":"error","msg":"error creating new Authenticator","service":"sso-authenticator","time":"2019-02-07 10:45:08.2710"} ```

I managed to get further in the configuration but now I've this when I'm trying to log-in: ```json { "error": "could not verify id_token: oidc: expected audience \"\\n\" got [\"\"]",...

Ok So I had to patch go-oidc to move forward : https://github.com/sylr/go-oidc/commit/fe511a3a1419a6ed154e62d08757eb113544613a Now I've another error: ```json { "error": "could not get groups: api error: {\r\n \"error\": {\r\n \"code\": \"Authorization_RequestDenied\",\r\n...

Ok I'm moving forward again. Now I've a redirect_uri problem. Here the flow I'm experiencing for login: ``` -> (sso-proxy) https://prometheus-sso.mycompany.com/ -> (sso-auth) https://sso-auth.mycompany.com/sign_in?client_id=&redirect_uri=http://prometheus-sso.mycompany.com/oauth2/callback&... -> https://sso-auth.mycompany.com/start?redirect_uri=https://sso-auth.mycompany.com/sign_in?client_id=%0A&redirect_uri=http%3A%2F%2Fprometheus-sso.mycompany.com%2Foauth2%2Fcallback&response_type=code&scope=... -> https://login.microsoftonline.com//oauth2/v2.0/authorize?client_id=&... -> https://login.microsoftonline.com//reprocess?ctx=......