Uploaded image for project: 'Red Hat OpenShift Dev Spaces (formerly CodeReady Workspaces) '
  1. Red Hat OpenShift Dev Spaces (formerly CodeReady Workspaces)
  2. CRW-107

"openshift-oauth-client" is been rewritten after installing second CodeReady Workspaces instance with oauth support at the same OCP cluster

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Minor Minor
    • 1.0.0.GA
    • 1.0.0.Beta
    • None
    • None

      Use case:
      1) deploy CRW Beta1-8 on OCP with Openshift oAuth support using deploy.sh by installer
      2) deploy new CRW Beta1-8 on OCP with Openshift oAuth support again in another namespace by using deploy.sh installer at the same OCP cluster.

      Wrong behavior - second deployment rewrites secret on first deployment which were stored as the same oauth client "openshift-oauth-client".

      Error of rh-sso pod of first deployment:

      14:47:46,389 ERROR [org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider] (default task-68) Failed to make identity provider oauth callback: org.keycloak.broker.provider.IdentityBrokerException: No access token available in OAuth server response: {"error":"unauthorized_client","error_description":"The client is not authorized to request a token using this method."}

    at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider.getFederatedIdentity(AbstractOAuth2IdentityProvider.java:279)
    at org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider$Endpoint.authResponse(AbstractOAuth2IdentityProvider.java:399)

              yivantso Eugene Ivantsov (Inactive)
              dnochevn Dmytro Nochevnov
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: