Hi guys. I’m having trouble when configuring Datahub with Google OIDC using docker compose
(docker 24.0.6
and docker compose v2.21.0
). The /callback/oidc/
returns http 502
after sign in with Google Accounts.
- The
datahub-frontend-react
logs
io.jsonwebtoken.MalformedJwtException: JWT strings must contain exactly 2 period characters. Found: 0
at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:235)
at io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:481)
at io.jsonwebtoken.impl.DefaultJwtParser.parseClaimsJws(DefaultJwtParser.java:541)
at play.api.mvc.JWTCookieDataCodec$JWTFormatter.parse(Cookie.scala:736)
at play.api.mvc.JWTCookieDataCodec.decode(Cookie.scala:644)
at play.api.mvc.JWTCookieDataCodec.decode$(Cookie.scala:637)
at play.api.mvc.DefaultJWTCookieDataCodec.decode(Cookie.scala:816)
at auth.cookie.CustomSessionCookieBaker.decode(CustomSessionCookieBaker.scala:24)
at play.api.mvc.CookieBaker.decodeFromCookie(Cookie.scala:486)
at play.api.mvc.CookieBaker.decodeFromCookie$(Cookie.scala:480)
at play.api.mvc.DefaultSessionCookieBaker.decodeFromCookie(Session.scala:123)
at play.api.mvc.request.DefaultRequestFactory$$anon$3.create(RequestFactory.scala:121)
at play.api.mvc.request.DefaultRequestFactory$$anon$3.create(RequestFactory.scala:118)
at play.api.mvc.request.LazyCell.value(Cell.scala:69)
at play.mvc.Http$RequestHeader.session(Http.java:336)
at play.core.j.RequestHeaderImpl.session(JavaHelpers.scala:194)
at auth.AuthUtils.hasValidSessionCookie(AuthUtils.java:85)
at auth.AuthUtils.isEligibleForForwarding(AuthUtils.java:73)
at auth.Authenticator.getUsername(Authenticator.java:36)
at play.mvc.Security$AuthenticatedAction.call(Security.java:60)
at play.core.j.JavaAction.$anonfun$apply$8(JavaAction.scala:175)
at scala.concurrent.Future$.$anonfun$apply$1(Future.scala:659)
at scala.util.Success.$anonfun$map$1(Try.scala:255)
at scala.util.Success.map(Try.scala:213)
at scala.concurrent.Future.$anonfun$map$1(Future.scala:292)
at scala.concurrent.impl.Promise.liftedTree1$1(Promise.scala:33)
at scala.concurrent.impl.Promise.$anonfun$transform$1(Promise.scala:33)
at scala.concurrent.impl.CallbackRunnable.run(Promise.scala:64)
at play.core.j.HttpExecutionContext.$anonfun$execute$1(HttpExecutionContext.scala:64)
at play.api.libs.streams.Execution$trampoline$.execute(Execution.scala:70)
at play.core.j.HttpExecutionContext.execute(HttpExecutionContext.scala:59)
at scala.concurrent.impl.CallbackRunnable.executeWithValue(Promise.scala:72)
at scala.concurrent.impl.Promise$KeptPromise$Kept.onComplete(Promise.scala:372)
at scala.concurrent.impl.Promise$KeptPromise$Kept.onComplete$(Promise.scala:371)
at scala.concurrent.impl.Promise$KeptPromise$Successful.onComplete(Promise.scala:379)
at scala.concurrent.impl.Promise.transform(Promise.scala:33)
at scala.concurrent.impl.Promise.transform$(Promise.scala:31)
at scala.concurrent.impl.Promise$KeptPromise$Successful.transform(Promise.scala:379)
at scala.concurrent.Future.map(Future.scala:292)
at scala.concurrent.Future.map$(Future.scala:292)
at scala.concurrent.impl.Promise$KeptPromise$Successful.map(Promise.scala:379)
at scala.concurrent.Future$.apply(Future.scala:659)
at play.core.j.JavaAction.apply(JavaAction.scala:176)
at play.api.mvc.Action.$anonfun$apply$4(Action.scala:82)
at scala.concurrent.Future.$anonfun$flatMap$1(Future.scala:307)
at scala.concurrent.impl.Promise.$anonfun$transformWith$1(Promise.scala:41)
at scala.concurrent.impl.CallbackRunnable.run(Promise.scala:64)
at akka.dispatch.BatchingExecutor$AbstractBatch.processBatch(BatchingExecutor.scala:63)
at akka.dispatch.BatchingExecutor$BlockableBatch.$anonfun$run$1(BatchingExecutor.scala:100)
at scala.runtime.java8.JFunction0$mcV$sp.apply(JFunction0$mcV$sp.java:23)
at scala.concurrent.BlockContext$.withBlockContext(BlockContext.scala:85)
at akka.dispatch.BatchingExecutor$BlockableBatch.run(BatchingExecutor.scala:100)
at akka.dispatch.TaskInvocation.run(AbstractDispatcher.scala:49)
at akka.dispatch.ForkJoinExecutorConfigurator$AkkaForkJoinTask.exec(ForkJoinExecutorConfigurator.scala:48)
at java.base/java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:290)
at java.base/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1020)
at java.base/java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1656)
at java.base/java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1594)
at java.base/java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:183)```
2. My `docker-compose.yml`
```services:
datahub-frontend-react:
container_name: datahub-frontend-react
depends_on:
datahub-gms:
condition: service_healthy
environment:
- DATAHUB_GMS_HOST=datahub-gms
- DATAHUB_GMS_PORT=8080
- DATAHUB_SECRET=YouKnowNothing
- DATAHUB_APP_VERSION=1.0
- DATAHUB_PLAY_MEM_BUFFER_SIZE=10MB
- JAVA_OPTS=-Xms512m -Xmx512m -Dhttp.port=9002 -Dconfig.file=datahub-frontend/conf/application.conf -Djava.security.auth.login.config=datahub-frontend/conf/jaas.conf -Dlogback.configurationFile=datahub-frontend/conf/logback.xml -Dlogback.debug=false -Dpidfile.path=/dev/null
- KAFKA_BOOTSTRAP_SERVER=broker:29092
- DATAHUB_TRACKING_TOPIC=DataHubUsageEvent_v1
- ELASTIC_CLIENT_HOST=elasticsearch
- ELASTIC_CLIENT_PORT=9200
- METADATA_SERVICE_AUTH_ENABLED=true
- AUTH_OIDC_ENABLED=true
- AUTH_OIDC_CLIENT_ID=***************
- AUTH_OIDC_CLIENT_SECRET=**************
- AUTH_OIDC_DISCOVERY_URI=<https://accounts.google.com/.well-known/openid-configuration>
- AUTH_OIDC_BASE_URL=******************
- AUTH_OIDC_SCOPE=openid profile email
- AUTH_OIDC_USER_NAME_CLAIM=email
- AUTH_OIDC_USER_NAME_CLAIM_REGEX=([^@]+)
hostname: datahub-frontend-react
image: ${DATAHUB_FRONTEND_IMAGE:-linkedin/datahub-frontend-react}:${DATAHUB_VERSION:-head}```
3. For stable versions `v0.11.0` and `v0.10.5` , it only show error message: `Caught exception while attempting to redirect to SSO identity provider! It's likely that SSO integration is mis-configured`
Any help will be much appreciated!