Hi I have configured ory oathkeeper to protect my react next Ory Community #talk-oathkeeper

Hi, I have configured ory oathkeeper to protect my...

witty-orange-14106

08/10/2023, 4:02 PM

Hi, I have configured ory oathkeeper to protect my react/next js route and for demo, I have just kept anonymous authenticators but every time I hit url I get 502 bad api gateway error. i am using using react app on local and oathkeeper on docker. this is my oathkeeper config

Copy code

log:
  level: debug
  format: json

serve:
  proxy:
    cors:
      enabled: true
      allowed_origins:
        - "*"
      allowed_methods:
        - POST
        - GET
        - PUT
        - PATCH
        - DELETE
      allowed_headers:
        - Authorization
        - Content-Type
      exposed_headers:
        - Content-Type
      allow_credentials: true
      debug: true


authenticators:
  anonymous:
    enabled: true
    config:
      subject: guest

  unauthorized:
    enabled: true

authorizers:
  allow:
    enabled: true

errors:
  fallback:
    - json
  handlers:
    json:
      enabled: true
      config:
        verbose: true

access_rules:
  repositories:
    - file:///etc/config/oathkeeper/oathkeeper_rules.yml
mutators:
  noop:
    enabled: true

  id_token:
    enabled: true
    config:
      issuer_url: <http://localhost:4455/>
      jwks_url: file:///etc/config/oathkeeper/jwks.json
      claims: '{"sub": "{{ print .Subject }}" }'

and these are my rules

Copy code

- id: test
  upstream:
    url: "<http://localhost:3000/>"
  match:
    url: "<http://localhost:4455/>"
    methods: ["POST","GET"]
  authenticators:
    - handler: anonymous
  authorizer:
    handler: allow
  mutators:
    - handler: id_token
      config:
        claims: '{"sub": "{{ print .Subject }}"}'

this is log when i hit localhost:4455/ url

Copy code

2023-08-10 21:30:55 time=2023-08-10T16:00:55Z level=info msg=started handling request http_request=map[headers:map[accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 accept-encoding:gzip, deflate, br accept-language:en-US,en;q=0.9,ko;q=0.8 cache-control:max-age=0 connection:keep-alive cookie:Value is sensitive and has been redacted. To see the value set config key "log.leak_sensitive_values = true" or environment variable "LOG_LEAK_SENSITIVE_VALUES=true". dnt:1 sec-ch-ua:"Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115" sec-ch-ua-mobile:?0 sec-ch-ua-platform:"Windows" sec-fetch-dest:document sec-fetch-mode:navigate sec-fetch-site:none sec-fetch-user:?1 upgrade-insecure-requests:1 user-agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36] host:localhost:4455 method:GET path:/ query:<nil> remote:192.168.32.1:43248 scheme:http]
2023-08-10 21:30:55 time=2023-08-10T16:00:55Z level=warning msg=Access request denied because roundtrip failed audience=application error=map[message:dial tcp 127.0.0.1:3000: connect: connection refused] granted=false http_host=localhost:3000 http_method=GET http_url=<http://localhost:3000/> http_user_agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 service_name=ORY Oathkeeper service_version=v0.40.2 subject=guest
2023-08-10 21:30:55 time=2023-08-10T16:00:55Z level=error msg=http: proxy error: dial tcp 127.0.0.1:3000: connect: connection refused audience=application error=map[message:dial tcp 127.0.0.1:3000: connect: connection refused] service_name=ORY Oathkeeper service_version=v0.40.2
2023-08-10 21:30:55 [cors] 2023/08/10 16:00:55 Handler: Actual request
2023-08-10 21:30:55 [cors] 2023/08/10 16:00:55   Actual request no headers added: missing origin
2023-08-10 21:30:55 time=2023-08-10T16:00:55Z level=info msg=completed handling request http_request=map[headers:map[accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 accept-encoding:gzip, deflate, br accept-language:en-US,en;q=0.9,ko;q=0.8 cache-control:max-age=0 connection:keep-alive cookie:Value is sensitive and has been redacted. To see the value set config key "log.leak_sensitive_values = true" or environment variable "LOG_LEAK_SENSITIVE_VALUES=true". dnt:1 sec-ch-ua:"Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115" sec-ch-ua-mobile:?0 sec-ch-ua-platform:"Windows" sec-fetch-dest:document sec-fetch-mode:navigate sec-fetch-site:none sec-fetch-user:?1 upgrade-insecure-requests:1 user-agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36] host:localhost:4455 method:GET path:/ query:<nil> remote:192.168.32.1:43248 scheme:http] http_response=map[headers:map[vary:Origin] size:0 status:502 text_status:Bad Gateway took:68.1712ms]

damp-lighter-78464

10/23/2023, 6:03 AM

Hey! Did you find the issue? Im getting a similar error when using docker compose

5 Views

Open in Slack

Previous Next