[Bug]: Console flow broken for Azure AD (Entra) #1011

Closed
J-Hunter-Hawke opened this issue Aug 30, 2023 · 1 comment
Labels
bug needs triage Waiting for discussion / prioritization by team

J-Hunter-Hawke commented Aug 30, 2023

Steps to Reproduce

Set console: true in your defaults.json, and run step ssh login. Complete the authentication flow in the browser, and the client continuously polls.

Setting GODEBUG=http2debug=1 GODEBUG=http2debug=2 step ssh login flags returns client conn errors

Your Environment

  • OS - macOS
  • step CLI Version - 23.0

Expected Behavior

Successful authentication on the command line.

Actual Behavior

hunter@Hunters-MBP config % GODEBUG=http2debug=1 GODEBUG=http2debug=2 step ssh login
2023/08/30 14:48:49 http2: Transport failed to get client conn for ssh.esoteric-pineapple.ca.smallstep.com:443: http2: no cached connection was available
2023/08/30 14:48:49 http2: Transport creating client conn 0xc000462300 to 35.224.92.244:443
2023/08/30 14:48:49 http2: Framer 0xc0007d4380: wrote SETTINGS len=18, settings: ENABLE_PUSH=0, INITIAL_WINDOW_SIZE=4194304, MAX_HEADER_LIST_SIZE=10485760
2023/08/30 14:48:49 http2: Framer 0xc0007d4380: wrote WINDOW_UPDATE len=4 (conn) incr=1073741824
2023/08/30 14:48:49 http2: Transport encoding header ":authority" = "ssh.esoteric-pineapple.ca.smallstep.com"
2023/08/30 14:48:49 http2: Transport encoding header ":method" = "GET"
2023/08/30 14:48:49 http2: Transport encoding header ":path" = "/ssh/roots"
2023/08/30 14:48:49 http2: Transport encoding header ":scheme" = "https"
2023/08/30 14:48:49 http2: Transport encoding header "user-agent" = "Smallstep CLI/0.23.0 (darwin/amd64)"
2023/08/30 14:48:49 http2: Transport encoding header "accept-encoding" = "gzip"
2023/08/30 14:48:49 http2: Framer 0xc0007d4380: wrote HEADERS flags=END_STREAM|END_HEADERS stream=1 len=74
2023/08/30 14:48:49 http2: Framer 0xc0007d4380: read SETTINGS len=30, settings: MAX_FRAME_SIZE=1048576, MAX_CONCURRENT_STREAMS=250, MAX_HEADER_LIST_SIZE=1048896, HEADER_TABLE_SIZE=4096, INITIAL_WINDOW_SIZE=1048576
2023/08/30 14:48:49 http2: Transport received SETTINGS len=30, settings: MAX_FRAME_SIZE=1048576, MAX_CONCURRENT_STREAMS=250, MAX_HEADER_LIST_SIZE=1048896, HEADER_TABLE_SIZE=4096, INITIAL_WINDOW_SIZE=1048576
2023/08/30 14:48:49 Unhandled Setting: [HEADER_TABLE_SIZE = 4096]
2023/08/30 14:48:49 http2: Framer 0xc0007d4380: wrote SETTINGS flags=ACK len=0
2023/08/30 14:48:49 http2: Framer 0xc0007d4380: read SETTINGS flags=ACK len=0
2023/08/30 14:48:49 http2: Transport received SETTINGS flags=ACK len=0
2023/08/30 14:48:49 http2: Framer 0xc0007d4380: read WINDOW_UPDATE len=4 (conn) incr=983041
2023/08/30 14:48:49 http2: Transport received WINDOW_UPDATE len=4 (conn) incr=983041
2023/08/30 14:48:49 http2: Framer 0xc0007d4380: read HEADERS flags=END_HEADERS stream=1 len=42
2023/08/30 14:48:49 http2: decoded hpack field header field ":status" = "200"
2023/08/30 14:48:49 http2: decoded hpack field header field "content-type" = "application/json"
2023/08/30 14:48:49 http2: decoded hpack field header field "content-length" = "312"
2023/08/30 14:48:49 http2: decoded hpack field header field "date" = "Wed, 30 Aug 2023 18:48:49 GMT"
2023/08/30 14:48:49 http2: Transport received HEADERS flags=END_HEADERS stream=1 len=42
2023/08/30 14:48:49 http2: Framer 0xc0007d4380: read DATA flags=END_STREAM stream=1 len=312 data="{\"userKey\":[\"AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKCaVWcM4db6OXJ3nK4DMa6tbyAUGyZhSsiIURxsSaa2LmX4c+4XgBgzuKv5PxB1TpFuOLzUWndJ+8cZaLit7H8=\"],\"hostKey\":[\"AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCz4opZbRtRxt5PsMa0dhECuXQWpdeB1eTJF" (56 bytes omitted)
2023/08/30 14:48:49 http2: Transport received DATA flags=END_STREAM stream=1 len=312 data="{\"userKey\":[\"AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKCaVWcM4db6OXJ3nK4DMa6tbyAUGyZhSsiIURxsSaa2LmX4c+4XgBgzuKv5PxB1TpFuOLzUWndJ+8cZaLit7H8=\"],\"hostKey\":[\"AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCz4opZbRtRxt5PsMa0dhECuXQWpdeB1eTJF" (56 bytes omitted)
2023/08/30 14:48:49 http2: Transport failed to get client conn for ssh.esoteric-pineapple.ca.smallstep.com:443: http2: no cached connection was available
2023/08/30 14:48:49 http2: Transport creating client conn 0xc000462780 to 35.224.92.244:443
2023/08/30 14:48:49 http2: Framer 0xc0007d48c0: wrote SETTINGS len=18, settings: ENABLE_PUSH=0, INITIAL_WINDOW_SIZE=4194304, MAX_HEADER_LIST_SIZE=10485760
2023/08/30 14:48:49 http2: Framer 0xc0007d48c0: wrote WINDOW_UPDATE len=4 (conn) incr=1073741824
2023/08/30 14:48:49 http2: Transport encoding header ":authority" = "ssh.esoteric-pineapple.ca.smallstep.com"
2023/08/30 14:48:49 http2: Transport encoding header ":method" = "GET"
2023/08/30 14:48:49 http2: Transport encoding header ":path" = "/provisioners?limit=100"
2023/08/30 14:48:49 http2: Transport encoding header ":scheme" = "https"
2023/08/30 14:48:49 http2: Transport encoding header "user-agent" = "Smallstep CLI/0.23.0 (darwin/amd64)"
2023/08/30 14:48:49 http2: Transport encoding header "accept-encoding" = "gzip"
2023/08/30 14:48:49 http2: Framer 0xc0007d48c0: wrote HEADERS flags=END_STREAM|END_HEADERS stream=1 len=84
2023/08/30 14:48:49 http2: Framer 0xc0007d48c0: read SETTINGS len=30, settings: MAX_FRAME_SIZE=1048576, MAX_CONCURRENT_STREAMS=250, MAX_HEADER_LIST_SIZE=1048896, HEADER_TABLE_SIZE=4096, INITIAL_WINDOW_SIZE=1048576
2023/08/30 14:48:49 http2: Transport received SETTINGS len=30, settings: MAX_FRAME_SIZE=1048576, MAX_CONCURRENT_STREAMS=250, MAX_HEADER_LIST_SIZE=1048896, HEADER_TABLE_SIZE=4096, INITIAL_WINDOW_SIZE=1048576
2023/08/30 14:48:49 Unhandled Setting: [HEADER_TABLE_SIZE = 4096]
2023/08/30 14:48:49 http2: Framer 0xc0007d48c0: wrote SETTINGS flags=ACK len=0
2023/08/30 14:48:49 http2: Framer 0xc0007d48c0: read SETTINGS flags=ACK len=0
2023/08/30 14:48:49 http2: Transport received SETTINGS flags=ACK len=0
2023/08/30 14:48:49 http2: Framer 0xc0007d48c0: read WINDOW_UPDATE len=4 (conn) incr=983041
2023/08/30 14:48:49 http2: Transport received WINDOW_UPDATE len=4 (conn) incr=983041
2023/08/30 14:48:49 http2: Framer 0xc0007d48c0: read HEADERS flags=END_HEADERS stream=1 len=43
2023/08/30 14:48:49 http2: decoded hpack field header field ":status" = "200"
2023/08/30 14:48:49 http2: decoded hpack field header field "content-type" = "application/json"
2023/08/30 14:48:49 http2: decoded hpack field header field "content-length" = "631"
2023/08/30 14:48:49 http2: decoded hpack field header field "date" = "Wed, 30 Aug 2023 18:48:49 GMT"
2023/08/30 14:48:49 http2: Transport received HEADERS flags=END_HEADERS stream=1 len=43
2023/08/30 14:48:49 http2: Framer 0xc0007d48c0: read DATA flags=END_STREAM stream=1 len=631 data="{\"provisioners\":[{\"type\":\"SSHPOP\",\"name\":\"SSH POP\",\"claims\":{\"enableSSHCA\":true,\"disableRenewal\":false,\"allowRenewalAfterExpiry\":false}},{\"type\":\"OIDC\",\"name\":\"azuread\",\"clientID\":\"c1c3f0e7-c3e5-4f21-a6cb-d2f9f6797d74\",\"clientSecret\":\"JReR05XsB0@VXb_6XxfAX" (375 bytes omitted)
2023/08/30 14:48:49 http2: Transport received DATA flags=END_STREAM stream=1 len=631 data="{\"provisioners\":[{\"type\":\"SSHPOP\",\"name\":\"SSH POP\",\"claims\":{\"enableSSHCA\":true,\"disableRenewal\":false,\"allowRenewalAfterExpiry\":false}},{\"type\":\"OIDC\",\"name\":\"azuread\",\"clientID\":\"c1c3f0e7-c3e5-4f21-a6cb-d2f9f6797d74\",\"clientSecret\":\"JReR05XsB0@VXb_6XxfAX" (375 bytes omitted)
✔ Provisioner: azuread (OIDC) [client: c1c3f0e7-c3e5-4f21-a6cb-d2f9f6797d74]
2023/08/30 14:48:49 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:48:50 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
Visit https://microsoft.com/devicelogin and enter the code: (press 'ENTER' to open default browser)
ABLQN5CQE
2023/08/30 14:48:55 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:00 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:04 http2: Framer 0xc0007d4380: read GOAWAY len=8 LastStreamID=1 ErrCode=NO_ERROR Debug=""
2023/08/30 14:49:04 http2: Transport received GOAWAY len=8 LastStreamID=1 ErrCode=NO_ERROR Debug=""
2023/08/30 14:49:04 http2: Framer 0xc0007d48c0: read GOAWAY len=8 LastStreamID=1 ErrCode=NO_ERROR Debug=""
2023/08/30 14:49:04 http2: Transport received GOAWAY len=8 LastStreamID=1 ErrCode=NO_ERROR Debug=""
2023/08/30 14:49:05 http2: Transport readFrame error on conn 0xc000462300: (*errors.errorString) EOF
2023/08/30 14:49:05 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:05 http2: Transport readFrame error on conn 0xc000462780: (*errors.errorString) EOF
2023/08/30 14:49:10 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:15 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:21 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:26 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:31 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:36 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:41 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:46 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:51 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:56 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:50:02 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:50:08 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available

Additional Context

No response

Contributing

Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

@J-Hunter-Hawke J-Hunter-Hawke added bug needs triage Waiting for discussion / prioritization by team labels Aug 30, 2023
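
The debug output above can be reduced to two numbers: how many requests went to login.microsoftonline.com after the device-code prompt, and for how long. This is an added example, not code from the step CLI or from the participants in this issue; PollsAfterPrompt and sampleLog are hypothetical names, the sample is a constructed excerpt of the posted log, and the code assumes each "failed to get client conn" line corresponds to one outbound request.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
	"time"
)

// Constructed sample: a shortened excerpt of the debug output posted in this issue.
const sampleLog = `2023/08/30 14:48:50 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
Visit https://microsoft.com/devicelogin and enter the code: (press 'ENTER' to open default browser)
2023/08/30 14:48:55 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:00 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:05 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:10 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:15 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available
2023/08/30 14:49:21 http2: Transport failed to get client conn for login.microsoftonline.com:443: http2: no cached connection was available`

// Assumption: one such line is logged per outbound request to the host.
var connAttempt = regexp.MustCompile(`^(\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) http2: Transport failed to get client conn for (\S+):443:`)

// PollsAfterPrompt counts requests to host that follow the device-code prompt
// and returns the time between the first and the last of them.
func PollsAfterPrompt(log, host string) (n int, span time.Duration, err error) {
	var first, last time.Time
	prompted := false
	for _, line := range strings.Split(log, "\n") {
		if strings.Contains(line, "and enter the code") {
			prompted = true // the prompt line itself carries no timestamp
		}
		m := connAttempt.FindStringSubmatch(line)
		if !prompted || m == nil || m[2] != host {
			continue
		}
		if last, err = time.Parse("2006/01/02 15:04:05", m[1]); err != nil {
			return n, span, err
		}
		if n == 0 {
			first = last
		}
		n++
	}
	return n, last.Sub(first), nil
}

func main() {
	n, span, err := PollsAfterPrompt(sampleLog, "login.microsoftonline.com")
	fmt.Println(n, span, err) // request count and how long polling went on
}
```

On the full log in this issue the requests keep arriving roughly every five seconds until the capture ends.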
hslatman commented Sep 7, 2023

As discussed during triage, @dopey fixed this by changing the configuration in the Azure marketplace.

Please reopen if the problem persists.

@hslatman hslatman closed this as completed Sep 7, 2023