Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Errors authenticating users #23

Open
lnfernux opened this issue Jan 12, 2021 · 4 comments
Open

Errors authenticating users #23

lnfernux opened this issue Jan 12, 2021 · 4 comments

Comments

@lnfernux
Copy link

Hey.

I'm having issues capturing tokens. My setup is similar to the recommended one, redirector and server.

The two issues I've had are the following:

  1. When I click the 10.10.10.10:1337/gettoken link (using redirector or not) I get redirected to office.com and the application backend tells me "successful authentication from:" - it looks like the redirect happens before the user actually authenticates, which might be due to the app registration I suppose. I'm planning on trying to make a new app registration to test this out with a new tenant.
  2. When I try selecting "view emails" the application throws an error and crashes, the errors message is "open template/live.html: no such file or directory". Might be related to the fact that the user is basically "empty" at this point.
@0x09AL
Copy link
Collaborator

0x09AL commented Jan 12, 2021

Hey @infernuxmonster,
Are you using the latest version of the toolkit ?
Please follow the guide for the configuration and use the Get Link button on the management portal to get the Authentication Link.
The /gettoken path is used to handle the token that is sent from Microsoft and is not meant to be visited directly.

@lnfernux
Copy link
Author

Yes, using the latest version.

I've gone over the guide again and the only changes I've made is changing the 127.0.0.1 to 0.0.0.0. For all intents and purposes the firewall allows traffic on port 8080 for all IPs I use for mgmt.

The get-url button for some reason returns a IP in the format of 10.10.10.10/32 format, pointing to the public IP of the server I have the toolkit running on. The firewall only allows access to 10.10.10.10 address from the redirector at 20.20.20.20. It just redirects port 30662. So the get-url address is only used at the redirector.

Am I misunderstanding something? The configuration file is as mentioned above, I've tried both configurations without luck. The app registration is configured as shown in the guide, withouth the /gettoken string in the url.

@pawp81
Copy link

pawp81 commented Oct 19, 2021

@infernuxmonster have you find a way to fix these two issues? I am facing the same problem

@pawp81
Copy link

pawp81 commented Oct 19, 2021

OK. I managed to fix the problem. The redirecturi in template.conf should be equal to ReplyURL configured in Azure AD app config.
I had it set to https://localhost/gettoken in template.conf which was wrong.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@0x09AL @lnfernux @pawp81