Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Env vars for client ID/secret in oauth2_introspection don't work anymore in v0.19.0-beta.1 #270

Closed
GuillaumeSmaha opened this issue Sep 30, 2019 · 1 comment · Fixed by #285
Closed

Env vars for client ID/secret in oauth2_introspection don't work anymore in v0.19.0-beta.1 #270

GuillaumeSmaha opened this issue Sep 30, 2019 · 1 comment · Fixed by #285

Comments

@GuillaumeSmaha
Copy link
Contributor

Describe the bug

Setting environment vars AUTHENTICATORS_OAUTH2_INTROSPECTION_PRE_AUTHORIZATION_CLIENT_ID and AUTHENTICATORS_OAUTH2_INTROSPECTION_PRE_AUTHORIZATION_CLIENT_SECRET doesn't work anymore since v0.19.0-beta.1

If I don't put client_id and client_secret in global configuration, none error is throw at start for the configuration file but the rules will throw an error without information:
time="2019-09-30T14:47:43Z" level=error msg="A rule uses a malformed configuration and all URLs matching this rule will not work. You should resolve this issue now." error="authenticator matching this route is misconfigured or disabled"

Global configuration for oauth2_introspection:

    authenticators:
      oauth2_introspection:
        enabled: true
        config:
          introspection_url: https://
          scope_strategy: none
          required_scope: []
          pre_authorization:
            enabled: true
            token_url: https://
            scope: []

Example of rule:

    - id: api
      upstream:
        url: http://backend
        preserve_host: true
      match:
        url: http://domain.com/api
        methods:
        - GET
        - POST
        - PUT
        - DELETE
        - PATCH
        - HEAD
        - OPTIONS
      authenticators:
      - handler: oauth2_introspection
      authorizer:
        handler: allow

Expected behavior

Env vars should be allowed for client id and secret to avoid saving secret in git repo.

Environment

  • Version:oryd/oathkeeper:v0.19.0-beta.1

Additional context

I think this is related to this commit and lines removal:
89709aa#diff-2449a6ea083767b149400840c05f41bdL58-L59
@koenmtb1
Copy link

koenmtb1 commented Oct 8, 2019

Can confirm. I'm having this issue too.

This was referenced Oct 17, 2019
Closed
Closed
@hypnoglow hypnoglow mentioned this issue Oct 21, 2019
Closed
6 tasks
@aeneasr aeneasr mentioned this issue Oct 26, 2019
Merged
aeneasr added a commit that referenced this issue Oct 26, 2019
@aeneasr
vendor: Update ory/x/viperx dependency
498b4a6 
This patch automatically binds environment variables to configuration keys. This patch resolves several issues:

- closes #276
- closes #270
- closes #279
- closes #280
@aeneasr aeneasr mentioned this issue Oct 26, 2019
Merged
aeneasr added a commit that referenced this issue Oct 27, 2019
@aeneasr
vendor: Update ory/x/viperx dependency (#285)
0ef3bce 
This patch automatically binds environment variables to configuration keys. This patch resolves several issues:

- closes #276
- closes #270
- closes #279
- closes #280

Aösp resolves fsnotify permission test issues on macOS
jdelgadoalfonso added a commit to galgus/oathkeeper that referenced this issue Mar 12, 2020
@jdelgadoalfonso
fix: send a http GET request to kratos instead of copying original re…
45d0d8a 
…quest method

Closes ory#270
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

vendor: Update ory/x/viperx dependency ory/oathkeeper
cmd: Run BindEnv() on boot ory/oathkeeper
2 participants
@GuillaumeSmaha @koenmtb1