Argo-cd: Dex For Argocd does not support authentication with Atlassian Crowd Connector

Created on 24 Sep 2020 · 6Comments · Source: argoproj/argo-cd

If you are trying to resolve an environment-specific issue or have a one-off question about the edge case that does not require a feature then please consider asking a
question in argocd slack channel.

Checklist:

[x] I've searched in the docs and FAQ for my answer: https://bit.ly/argocd-faq.
[x] I've included steps to reproduce the bug.
[x] I've pasted the output of argocd version.

Describe the bug
Argocd cannot handle authentication thru Dex + Atlassian crowd connector

Clicking on login button, it takes time then, it show :

Failed to query provider "https://argo.mycompany.com/api/dex": Get "http://argocd-dex-server:5556/api/dex/.well-known/openid-configuration": dial tcp 10.103.253.72:5556: connect: connection refused

To Reproduce

Using argocd helm chart :

Set server.config.dex\.config to be:

    server:
        dex.config: |
          connectors:
          - type: atlassian-crowd
            # Required field for connector id.
            id: crowd
            # Required field for connector name.
            name: Crowd
            config:
              baseURL: http://crowd.crowd/crowd
              clientID: $ATLASSIAN_CROWD_APPLICATION_ID
              clientSecret: $ATLASSIAN_CROWD_CLIENT_SECRET
              preferredUsernameField: name

helm install ...

Expected behavior

I expected that Dex integrated with Argocd is able to connect with Atlassian crowd.
I expect that Argoc Auth-proxy handles Crowd connector differently ( it does not need button, because it does not read redirect. Instead, you must use Crowd API)

Screenshots

N/A

Version

argocd: v1.7.6+b04c25e
  BuildDate: 2020-09-19T00:53:13Z
  GitCommit: b04c25eca8f1660359e325acd4be5338719e59a0
  GitTreeState: clean
  GoVersion: go1.14.1
  Compiler: gc
  Platform: darwin/amd64
argocd-server: v1.7.6+b04c25e
  BuildDate: 2020-09-19T00:52:04Z
  GitCommit: b04c25eca8f1660359e325acd4be5338719e59a0
  GitTreeState: clean
  GoVersion: go1.14.1
  Compiler: gc
  Platform: linux/amd64
  Ksonnet Version: v0.13.1
  Kustomize Version: {Version:kustomize/v3.6.1 GitCommit:c97fa946d576eb6ed559f17f2ac43b3b5a8d5dbd BuildDate:2020-05-27T20:47:35Z GoOs:linux GoArch:amd64}
  Helm Version: version.BuildInfo{Version:"v3.2.0", GitCommit:"e11b7ce3b12db2941e90399e874513fbd24bcb71", GitTreeState:"clean", GoVersion:"go1.13.10"}
  Kubectl Version: v1.17.8

Logs

kubectl -n argocd logs -f argocd-dex-server-584d58b547-dvgx6

Dex throw out in the logs

 error parse config file /tmp/dex.yaml: error unmarshaling JSON: unknown connector type "atlassian-crowd"

bug

Source

abdennour

All 6 comments

Hey, you need to also set url in configuration, refer to https://argoproj.github.io/argo-cd/operator-manual/user-management/#2-configure-argo-cd-for-sso
I believe there is an appropriate parameter for the Helm chart as well.

jannfis on 24 Sep 2020

@jannfis I did .. But which URL ? crowd or argocd

abdennour on 24 Sep 2020

Oh, sorry, forget what I said - it clearly is about the connector. Sorry.

jannfis on 24 Sep 2020

👍1

So, turns out we are using Dex v2.22.0 and Atlassian Crowd connector was introduced in v2.23.0. So you can either try your luck with a manual upgrade of Dex image to v2.23.0 (might not work, for whatever reasons tho) or wait for us to provide an update.

jannfis on 24 Sep 2020

Let us know if it works, and we can upgrade dex.

jessesuen on 24 Sep 2020

👍1

Yep @jannfis ! I've checked dex release notes, and i can see that Crowd is well supported since v2.24.0.
I updated dex tag to latest in helm values