starred/headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2026-01-13 12:50:32 +01:00
Code Issues 98 Packages Projects Releases 10 Wiki Activity

oidc username/email to create new namespace mapping is broken #143

New Issue
Closed
opened 2025-12-29 01:23:58 +01:00 by adam · 0 comments
adam commented 2025-12-29 01:23:58 +01:00
Owner
Copy Link

Originally created by @kyhwana on GitHub (Feb 28, 2022).

Bug description
When authing a new user via oidc (with email stripping DISABLED, I didn't test with it enabled) the following error occures and the namespace isn't created:

[GIN] 2022/02/27 - 21:54:06 | 302 |     118.701µs | redacated  | GET      "/oidc/register/mkey:redacated"
2022-02-27T21:54:06Z ERR ../home/runner/work/headscale/headscale/oidc.go:319 > could not find or create namespace error="Namespace not found" namespace=redacatednamespace
[GIN] 2022/02/27 - 21:54:06 | 500 |  161.557551ms |  redacated | GET      "/oidc/callback?code=0redacated"
2022-02-27T21:54:09Z WRN Ignoring request, cannot find machine with key mkey:redacated handler=PollNetMap
[GIN] 2022/02/27 - 21:54:09 | 401 |    1.083608ms |   118.92.104.24 | POST     "/machine/redacated/map"

To Reproduce

With email stripping disabled, configure an oidc (tested with azure ad) and have a user attempt to login with username@example.org.

Context info

  • 0.15-beta1
  • tailscale client 1.22.0
  • Client OS Windows 11
[GIN] 2022/02/27 - 21:54:06 | 302 |     118.701µs | redacated  | GET      "/oidc/register/mkey:redacated"
2022-02-27T21:54:06Z ERR ../home/runner/work/headscale/headscale/oidc.go:319 > could not find or create namespace error="Namespace not found" namespace=redacatednamespace
[GIN] 2022/02/27 - 21:54:06 | 500 |  161.557551ms |  redacated | GET      "/oidc/callback?code=0redacated"
2022-02-27T21:54:09Z WRN Ignoring request, cannot find machine with key mkey:redacated handler=PollNetMap
[GIN] 2022/02/27 - 21:54:09 | 401 |    1.083608ms |   118.92.104.24 | POST     "/machine/redacated/map"

I fixed and tested this with the following fix:
Line 302 of oidc.go changed from if errors.Is(err, gorm.ErrRecordNotFound) { to if errors.Is(err, errNamespaceNotFound) {
I also had to comment out line 20 of oidc.go "gorm.io/gorm" because the go compiler complained that gorm wasn't being used :)

It looks like getnamespace returns "errNamespaceNotFound" ("Namespace not found") but the if statement on line 302 is just looking for gorm.ErrRecordNotFound and so it falls through to line 317 } else if err != nil { and errors out.

Originally created by @kyhwana on GitHub (Feb 28, 2022). **Bug description** When authing a new user via oidc (with email stripping DISABLED, I didn't test with it enabled) the following error occures and the namespace isn't created: ``` [GIN] 2022/02/27 - 21:54:06 | 302 | 118.701µs | redacated | GET "/oidc/register/mkey:redacated" 2022-02-27T21:54:06Z ERR ../home/runner/work/headscale/headscale/oidc.go:319 > could not find or create namespace error="Namespace not found" namespace=redacatednamespace [GIN] 2022/02/27 - 21:54:06 | 500 | 161.557551ms | redacated | GET "/oidc/callback?code=0redacated" 2022-02-27T21:54:09Z WRN Ignoring request, cannot find machine with key mkey:redacated handler=PollNetMap [GIN] 2022/02/27 - 21:54:09 | 401 | 1.083608ms | 118.92.104.24 | POST "/machine/redacated/map" ``` **To Reproduce** With email stripping disabled, configure an oidc (tested with azure ad) and have a user attempt to login with username@example.org. **Context info** - 0.15-beta1 - tailscale client 1.22.0 - Client OS Windows 11 ``` [GIN] 2022/02/27 - 21:54:06 | 302 | 118.701µs | redacated | GET "/oidc/register/mkey:redacated" 2022-02-27T21:54:06Z ERR ../home/runner/work/headscale/headscale/oidc.go:319 > could not find or create namespace error="Namespace not found" namespace=redacatednamespace [GIN] 2022/02/27 - 21:54:06 | 500 | 161.557551ms | redacated | GET "/oidc/callback?code=0redacated" 2022-02-27T21:54:09Z WRN Ignoring request, cannot find machine with key mkey:redacated handler=PollNetMap [GIN] 2022/02/27 - 21:54:09 | 401 | 1.083608ms | 118.92.104.24 | POST "/machine/redacated/map" ``` I fixed and tested this with the following fix: Line 302 of oidc.go changed from ``` if errors.Is(err, gorm.ErrRecordNotFound) { ``` to ``` if errors.Is(err, errNamespaceNotFound) { ``` I also had to comment out line 20 of oidc.go ``` "gorm.io/gorm" ``` because the go compiler complained that gorm wasn't being used :) It looks like getnamespace returns "errNamespaceNotFound" ("Namespace not found") but the if statement on line 302 is just looking for gorm.ErrRecordNotFound and so it falls through to line 317 ``` } else if err != nil { ``` and errors out.
adam added the bug label 2025-12-29 01:23:58 +01:00
adam closed this issue 2025-12-29 01:23:58 +01:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
CLI
DERP
DNS
Nix
OIDC
SSH
bug
database
documentation
duplicate
enhancement
faq
good first issue
grants
help wanted
might-come
needs design doc
needs investigation
no-stale-bot
out of scope
performance
policy 📝
pull-request
Mirrored from GitHub Pull Request
 question
regression
routes
stale
tags
tailscale-feature-gap
well described ❤️
wontfix
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/headscale#143
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?