Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Azure to OAUTH #2387

Closed
Andy--Rose opened this issue Nov 17, 2017 · 6 comments
Closed

Add Azure to OAUTH #2387

Andy--Rose opened this issue Nov 17, 2017 · 6 comments
Assignees
@nhaugo @goller
Labels
enhancement help wanted
Milestone
1.4.0

Comments

@Andy--Rose
Copy link

Please add Azure to supported Oauth providers.

Andy Rose
The Trade Desk
@goller
Copy link
Contributor

goller commented Nov 17, 2017

Hey @Andy--Rose , thanks for writing in!

@kevinhogan111 did you end up figuring out the right settings for this? Or does chronograf need direct support for azure?

@kevinhogan111
Copy link

kevinhogan111 commented Nov 18, 2017
edited by timhallinflux
Loading

We weren't able to able to find the right settings to get this working. The error I kept getting was: level=error msg="Unable to exchange code for token oauth2: cannot fetch token: 400 Bad Request\nResponse: {\"error\":\"invalid_resource\",\"error_description\":\"AADSTS50001: Resource identifier is not provided.

We think chronograf may need something similar to bmorton mentions in their comment from March 24th here: golang/oauth2#112

@nhaugo nhaugo added this to the 1.4.0 milestone Nov 21, 2017
@goller
Copy link
Contributor

goller commented Nov 21, 2017

@kevinhogan111 what command-line options did you try?

@tyauvil
Copy link

tyauvil commented Nov 21, 2017

@goller I do believe that Chronograf is going to need Azure specific configuration, specifically the resource parameter.

This discussion on adding Azure to the bitly/oauth2_proxy should be relevant: bitly/oauth2_proxy#170

@goller goller self-assigned this Nov 21, 2017
@goller
Copy link
Contributor

goller commented Nov 21, 2017

@tyauvil great! I'm on it.

@goller goller mentioned this issue Nov 21, 2017
Merged
4 tasks
@goller
Copy link
Contributor

goller commented Nov 21, 2017

Ok, I have a PR #2400 up for review. I've added another option to allow override for oauth api url responses. The default is email but azure is userPrincipalName.

I'm thinking about making azure specific options, but, PR #2400 rounds out the generic oauth feature.

@nhaugo nhaugo closed this as completed Nov 30, 2017
@nhaugo nhaugo removed the delivered label Nov 30, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nhaugo nhaugo

@goller goller

Labels
enhancement help wanted
Projects
None yet
Milestone
1.4.0
Development

No branches or pull requests
6 participants
@tyauvil @nhaugo @goller @Andy--Rose @timhallinflux @kevinhogan111