I am trying to get oathkeeper running for our development environment.
oathkeeper runs in docker, the services are running locally.
this is one of the rules:
{
"id": "access-my-service",
"version": "v0.40.6",
"upstream": {
"url": "
http://host.docker.internal:8082/v1/employees"
},
"match": {
"url": "
http://127.0.0.1:4455/v1/employees",
"methods": ["GET", "POST", "PUT", "DELETE"]
},
"authenticators": [
{
"handler": "cookie_session",
"config": {
"check_session_url": "
http://host.docker.internal:3000/api/.ory/sessions/whoami"
}
}
],
"authorizer": { "handler": "allow" },
"mutators": [{ "handler": "noop" }]
}
if I do
docker exec -it oathkeeper2-oathkeeper-1 ping
http://host.docker.internal:8082/v1/employees
ping: bad address '
http://host.docker.internal:8082/v1/employees'
I am not sure why that is.
If I do curl
http://127.0.0.1:4455/v1/employees
I get:
oathkeeper2-oathkeeper-1 | time=2023-11-10T23
4357Z level=warning msg=Access request denied audience=application error=map[debug: message:Access credentials are invalid reason: status:Unauthorized status_code:401] granted=false http_host=127.0.0.1:4455 http_method=GET http_url=
http://127.0.0.1:4455/v1/employees http_user_agent=curl/8.1.2 service_name=ORY Oathkeeper service_version=v0.40.6
and this response in postman
{
"error": {
"code": 401,
"status": "Unauthorized",
"message": "Access credentials are invalid"
}
}
while the session and csrf cookies are set.
Any Idea, what I am missing here?