OIDC google login with groups does not work for us #1930

Open
ndonthiFadi opened this issue Sep 3, 2024 · 1 comment
Labels
wait for reply Need more information from reporter

Comments

ndonthiFadi commented Sep 3, 2024

We have a Google group created to maintain the users there. At AKHQ login we should get login for users in that group, but with the present documentation, and as we tried below, this does not work. Is there any alternative or workaround for this?

This is my test AKHQ config using docker compose:

```yaml
version: '3.7'
services:
  akhq:
    image: tchiotludo/akhq
    environment:
      AKHQ_CONFIGURATION: |
        micronaut:
          security:
            token:
              jwt:
                cookie:
                  enabled: true
                signatures:
                  secret:
                    generator:
                      secret: "xxx"
            oauth2:
              enabled: true
              clients:
                google:
                  client-id: "xxxx"
                  client-secret: "xxx"
                  openid:
                    issuer: "https://accounts.google.com"
        akhq:
          connections:
            docker-kafka-server:
              properties:
                bootstrap.servers: "kafka:9092"
          security:
            default-group: no-role
            roles:
              topic-reader:
                - resources: [ "TOPIC", "TOPIC_DATA" ]
                  actions: [ "READ" ]
                - resources: [ "TOPIC" ]
                  actions: [ "READ_CONFIG" ]
              topic-writer:
                - resources: [ "TOPIC", "TOPIC_DATA" ]
                  actions: [ "CREATE", "UPDATE" ]
                - resources: [ "TOPIC" ]
                  actions: [ "ALTER_CONFIG" ]
            groups:
              topic-reader-all:
                - role: topic-reader
                  patterns: [ "*" ]
              topic-writer-all:
                - role: topic-writer
                  patterns: [ "*" ]
            oidc:
              enabled: true
              providers:
                google:
                  label: "Login with Google"
                  default-group: no-roles
                  groups:
                    - name: [email protected]
                      groups:
                        - topic-reader-all

    ports:
      - "8080:8080"
    depends_on:
      - kafka

  zookeeper:
    image: confluentinc/cp-zookeeper:latest
    environment:
      ZOOKEEPER_CLIENT_PORT: 2181
      ZOOKEEPER_TICK_TIME: 2000

  kafka:
    image: confluentinc/cp-kafka:latest
    depends_on:
      - zookeeper
    environment:
      KAFKA_BROKER_ID: 1
      KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
      KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka:9092
      KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
```
@AlexisSouquiere
Collaborator

Please give us more information to investigate. What is the behaviour when a user tries to log in? What are the logs (DEBUG level)?

@AlexisSouquiere AlexisSouquiere added the wait for reply Need more information from reporter label Sep 17, 2024