Description
openedon May 30, 2023
Prerequisites
- I read the Deployment and Setup section of the OpenCTI documentation as well as the Troubleshooting page and didn't find anything relevant to my problem.
- I went through old GitHub issues and couldn't find anything relevant
- I googled the issue and didn't find anything relevant
Description
Can't use the OpenID login with a proxy
I tried to setup the authentication with OpenID instead of LocalStrategy, my OpenCTI return me no errors in logs but I can see Firewall deny logs for the IP of my OpenID provider and no logs on my proxy, so my OpenCTI is bypassing my proxy settings only for OpenID. I don't want to open this flow directly on the FW without passing by my proxy.
Proxy settings has been set with HTTP_PROXXY HTTPS_PROXY and no_proxy for the OpenCTI core processes.
My connectors can crawl datas and their flows pass by the proxy.
Does Someone has set successfully the OpenID login with a proxy ?
Is it an already know issue ?
Environment
- Docker (on linux host with proxy settings done)
- OpenCTI version: 5.7.4
- OpenCTI client: /
- Other environment details:
Reproducible Steps
Using docker-compose file with this config:
- PROVIDERS__OPENID__STRATEGY=OpenIDConnectStrategy
- "PROVIDERS__OPENID__CONFIG__LABEL=Login with OpenID"
- PROVIDERS__OPENID__CONFIG__ISSUER=https:///auth/realms/xxxx
- PROVIDERS__OPENID__CONFIG__CLIENT_ID=
- PROVIDERS__OPENID__CONFIG__CLIENT_SECRET=
- "PROVIDERS__OPENID__CONFIG__REDIRECT_URIS=["https://opencti./auth/oic/callback"]"
I read on this node-openid issue (panva/openid-client#22) that the proxy settings for panva-node-openid has to be set inside the code, I don't know if it the case for OpenCTI I can't find the related code inside my container to check it.
Thanks by advance
