mirror of
https://github.com/fatedier/frp.git
synced 2026-05-15 08:05:49 -06:00
[GH-ISSUE #2038] frpc、frps开启oidc认证并启用authenticate_heartbeats,当多个frpc使用不同的client_id&client_secret连接frps,连接间歇性中断并报错 #1619
Labels
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: github-starred/frp#1619
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @yaoyao6 on GitHub (Oct 23, 2020).
Original GitHub issue: https://github.com/fatedier/frp/issues/2038
Issue is only used for submiting bug report and documents typo. If there are same issues or answers can be found in documents, we will close it directly.
Use the commands below to provide key information from your environment:
You do NOT have to include this information if this is a FEATURE REQUEST
What version of frp are you using (./frpc -v or ./frps -v)?
0.33
What operating system and processor architecture are you using (
go env)?run in docker image
alpine:latest
Configures you used:
frpc.ini
[common]
server_addr = 10.47.152.31
server_port = 7000
authentication_method = oidc
oidc_client_id = xxxxxxxxxx
oidc_client_secret = xxxxxxxxxxxxxxxxxxxxxx
oidc_token_endpoint_url = https://y.y.y.y/OAuth/oauth2/token
authenticate_heartbeats = true
frps.ini
[common]
bind_port = 7000
authentication_method = oidc
oidc_issuer = https://y.y.y.y/OAuth/
authenticate_heartbeats = true
Steps to reproduce the issue:
1.
frpc只有一个时,连接正常
frpc有多个,且配置不同的client_id\client_secret
Describe the results you received:
报错并连接中断:
[W] [control.go:467] [f5948c56e0c0563e] received invalid ping: received different OIDC subject in login and ping. original subject: 4SF7S0v5Et31lWmEok7DAdj1s1z5GHGw, new subject: LFjqI7k7DMtB1v8hPfUr030Svib06V7K
[control.go:157] [f5948c56e0c0563e] work connection closed before response StartWorkConn message: EOF
Describe the results you expected:
连接正常
Additional information you deem important (e.g. issue happens only occasionally):
Can you point out what caused this issue (optional)
@imarkofu commented on GitHub (Dec 21, 2021):
请教一下如何搭建一个OIDC服务
比如这里该建立哪些接口,接口参数和返回内容分别是什么
@zwc456baby commented on GitHub (Feb 18, 2022):
2022 同问。网上资料也没找到。使用第三方的 oidc 服务端,配置好各种参数之后,服务端启动成功。但是客户端总是出各种问题无法成功连上。
@blizard863 commented on GitHub (Mar 13, 2022):
本地搭建的话,最好用 docker 一键 run ,可以参考 https://hub.docker.com/r/richardknop/go-oauth2-server
可以使用第三方 SaaS 服务,如 authing,验证 frp 是完全没问题的。
这个问题,大概率是你的 oidc 授权服务器没有给多个 client 授权,只有一个授权成功了,可以检查下。
@Tongzhongren commented on GitHub (Jul 18, 2022):
您好,请问您的oidc是怎么搭建的,我搭建之后
login to server failed: couldn't generate OIDC token for login: oauth2: cannot fetch token: 400 Bad Request
Response: {"error":"server_error","error_description":"编程访问账号不存在!"}
couldn't generate OIDC token for login: oauth2: cannot fetch token: 400 Bad Request
Response: {"error":"server_error","error_description":"编程访问账号不存在!"}
@Tongzhongren commented on GitHub (Jul 18, 2022):
您好,请问您的oidc是怎么搭建的,我搭建之后
login to server failed: couldn't generate OIDC token for login: oauth2: cannot fetch token: 400 Bad Request
Response: {"error":"server_error","error_description":"编程访问账号不存在!"}
couldn't generate OIDC token for login: oauth2: cannot fetch token: 400 Bad Request
Response: {"error":"server_error","error_description":"编程访问账号不存在!"}
@github-actions[bot] commented on GitHub (Jan 13, 2023):
Issues go stale after 30d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.