URL:
https://github.com/SSSD/sssd/pull/5762
Title: #5762: krb5: add support for oauth2 challenge (wip)
justin-stephenson commented:
"""
Steps provided work well, I will look closer at the code and respond back.
~~~
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: LDAP:
ldapi://%2Frun%2Fslapd-IPA-VM.socket
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: request received
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: user query start
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: user query end:
uid=tuser,cn=users,cn=accounts,dc=ipa,dc=vm
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: radius query start:
cn=localhost,cn=radiusproxy,dc=ipa,dc=vm
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: radius query end: 127.0.0.1
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: forward start: tuser /
127.0.0.1
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: forward end:
Access-Challenge
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: response sent:
Access-Challenge
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: request received
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: user query start
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: user query end:
uid=tuser,cn=users,cn=accounts,dc=ipa,dc=vm
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: radius query start:
cn=localhost,cn=radiusproxy,dc=ipa,dc=vm
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: radius query end: 127.0.0.1
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: forward start: tuser /
127.0.0.1
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: forward end:
Access-Challenge
Aug 26 21:03:52 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: response sent:
Access-Challenge
Aug 26 21:04:07 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: request received
Aug 26 21:04:07 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: user query start
Aug 26 21:04:07 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: user query end:
uid=tuser,cn=users,cn=accounts,dc=ipa,dc=vm
Aug 26 21:04:07 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: radius query start:
cn=localhost,cn=radiusproxy,dc=ipa,dc=vm
Aug 26 21:04:07 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: radius query end: 127.0.0.1
Aug 26 21:04:07 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: forward start: tuser /
127.0.0.1
Aug 26 21:04:07 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: forward end: Access-Accept
Aug 26 21:04:07 master.ipa.vm ipa-otpd[69808]: tuser(a)IPA.VM: response sent:
Access-Accept
~~~
"""
See the full comment at
https://github.com/SSSD/sssd/pull/5762#issuecomment-906743456