I have an instance of On-Prem builder that I have installed and I am attempting to connect to an unconventional Oauth2 source (Chef Server). I have confirmed the redirect and the settings of the authorize and token urls. When I click on the login button I am correctly directed to the authorize page. I authorize the app and the code?=hash is sent back I see the token in the dev tools I then get a 502 Bad Gateway and an rg:auth:1 error pops up in the bottom corner. In the nginx log I see a warning for certificate verification failure but no other errors in the logs for either the builder-api or the builder-proxy.
Greetings and salutations!
Sadly, we don’t currently support Chef Server as an Oauth provider. Our current list of supported Oauth providers are listed in the README. Since each Oauth provider is slightly different from the rest, we need to create a new provider for each new Oauth source. If you’re interested in working on an Oauth provider for Chef Server, you can see the list of current providers and how they’re implemented here. If the Rust learning curve seems a bit high, you’re also welcome to file an issue to request we add Chef Server to our list of supported Oauth providers.
All of that said, it’s entirely possible that, given enough information about Chef Server’s Oauth implementation, you could make it work by shoehorning the config into one of the existing providers. But that’s not something we support.
@raskchanky So I am using the github provider right now the rust curve is not really the problem. The main reason for opening the issue in forum was cause the error from this mornings authentication outage was the same as the one when I connect it to the Chef Server and I was hopeing to get more information as to what the fix action was. So that I could test it and see if I can get the the oauth piece working.
Ah, that makes sense. The rg:auth:1 error that came up this morning in the Builder outage is a generic catch-all authentication error that is shown when there’s nothing more specific we can say. It effectively just means “something weird happened that we didn’t expect”. The Builder outage itself was caused by applying an incorrect config file to the API server, which also handles authentication. So in this particular case, despite the same error code, these two things aren’t related. Sorry!