Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: OIDC with Authentik no longer works all of a sudden #630

Open
clemcer opened this issue Jan 18, 2025 · 0 comments
Open

Bug: OIDC with Authentik no longer works all of a sudden #630

clemcer opened this issue Jan 18, 2025 · 0 comments
Labels
bug Something isn't working

Comments

@clemcer
Copy link

clemcer commented Jan 18, 2025

Is this urgent?

No

What parts are affected

Backend

What is the server version

v0.6.8

What is the client version

Web

What platform are you using

Web

What's the problem 🤔

OIDC no longer works all of a sudden. I am using Authentik and don't know when it happened but the container for the frontend no longer works when OIDC is enabled. OIDC for other services still work.

The last log message before the container stops is always:

oic.exception.CommunicationError: Trying 'https://auth.domain.de/application/o/kitchenowl/.well-known/openid-configuration';, status 403

when I click on the link from the logs in dozzle I first have to remove the ( ' ) at the end (probably a dozzle issue but I thought I would mention it) but then it returns this site as it should:

Image

Here are the kitchenowl logs:

Image

Share your logs



Share your configuration


services:
  db:
    image: postgres:15
    restart: unless-stopped
    environment:
      POSTGRES_DB: kitchenowl
      POSTGRES_USER: user
      POSTGRES_PASSWORD: password
    volumes:
      - ${APPDATA}/kitchenowl/kitchenowl_db:/var/lib/postgresql/data
    networks:
      - default
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
      interval: 30s
      timeout: 60s
      retries: 5
      start_period: 80s
  back:
    image: tombursch/kitchenowl:latest
    restart: unless-stopped
    ports:
      - "8062:8080"
    networks:
      - default
      - proxy
    environment:
      - JWT_SECRET_KEY=secret
      - DB_DRIVER=postgresql
      - DB_HOST=db
      - DB_NAME=kitchenowl
      - DB_USER=user
      - DB_PASSWORD=password
      - FRONT_URL=https://kitchenowl.domain.com
      - OIDC_ISSUER=https://auth.domain.com/application/o/kitchenowl
      - OIDC_CLIENT_ID=ID
      - OIDC_CLIENT_SECRET=SECRETNev0N1B3eqL1HU
      - DISABLE_USERNAME_PASSWORD_LOGIN=false
    depends_on:
      - db
    volumes:
      - ${APPDATA}/kitchenowl/kitchenowl
    labels:
      - ALL THE TRAEFIK LABELS

origin"
      
volumes:
  kitchenowl_files:
    driver: local
  kitchenowl_db:
    driver: local

networks:
  default:
  proxy:

      		
    

      
  





        



            

              
            

        

      


      
    








      

    



      

  
            

    

      
    

    


      

          @clemcer
clemcer




          added
  the 

  bug

  Something isn't working
 label


      Jan 18, 2025

    

  



    

    

      
    

    


      

          @clemcer
clemcer




        changed the title
Bug:

Bug: OIDC with Authentik no longer works all of a sudden


      Jan 19, 2025

    

  












  
  

    

      

  





  




  
  

              

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



  






  
                  




    

  


      
  

    Assignees
  



        

    No one assigned







      


  


  

    Labels
  



    

      

    bug

  Something isn't working








      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    
      

        
    

    Development
  




          
    
No branches or pull requests







    
  




      

    

  
      

  

    

      1 participant
    

    

        
          @clemcer