Coder Social home page Coder Social logo

[BUG] Cannot login about cli HOT 13 CLOSED

dopplerhq avatar dopplerhq commented on August 15, 2024
[BUG] Cannot login

from cli.

Comments (13)

nmanoogian avatar nmanoogian commented on August 15, 2024 1

Awesome, I'm glad you were able to track it down!

from cli.

nmanoogian avatar nmanoogian commented on August 15, 2024

Hi @seagullmouse, sorry that you're running into an issue here!

Can you share the output of doing an unauthenticated curl against our API? I'm suspecting a networking issue.

curl -v 'https://api.doppler.com/v3/projects'

from cli.

seagullmouse avatar seagullmouse commented on August 15, 2024 
 ~/Documents/code/rise/rise-pol   main  curl -v 'https://api.doppler.com/v3/projects'
*   Trying 172.66.40.54:443...
* Connected to api.doppler.com (172.66.40.54) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=doppler.com
*  start date: Nov 24 00:00:00 2022 GMT
*  expire date: Feb 21 23:59:59 2023 GMT
*  subjectAltName: host "api.doppler.com" matched cert's "*.doppler.com"
*  issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x148811000)
> GET /v3/projects HTTP/2
> Host: api.doppler.com
> user-agent: curl/7.79.1
> accept: */*
> 
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 401 
< date: Fri, 20 Jan 2023 15:50:07 GMT
< content-type: application/json; charset=utf-8
< content-length: 131
< cf-ray: 78c8f6cafa0676f6-LHR
< etag: W/"83-wz0cc/Q3w4uW/SNOdV478Au1wJc"
< strict-transport-security: max-age=31536000; includeSubDomains; preload
< via: 1.1 google
< cf-cache-status: DYNAMIC
< alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
< content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
< cross-origin-opener-policy: same-origin
< referrer-policy: strict-origin
< x-content-type-options: nosniff
< x-dns-prefetch-control: off
< x-download-options: noopen
< x-frame-options: SAMEORIGIN
< x-permitted-cross-domain-policies: none
< x-request-id: e03c2b52-c20f-4fb6-8bf5-6597172dc7b2
< x-xss-protection: 0
< server: cloudflare
< 
* Connection #0 to host api.doppler.com left intact
{"messages":["Please provide an api key. You can learn more at https://docs.doppler.com/reference#authentication"],"success":false}%                ~/Documents/code/rise/rise-pol   main 

from cli.

nmanoogian avatar nmanoogian commented on August 15, 2024

OK, that request is looking solid to me. Can you try a POST?

curl -X POST https://api.doppler.com/v3/auth/cli/authorize -H 'Content-Type: application/json' --data '{"code": "test"}'

from cli.

seagullmouse avatar seagullmouse commented on August 15, 2024

{"messages":["Invalid auth code"],"success":false}%

from cli.

seagullmouse avatar seagullmouse commented on August 15, 2024

Does the login perform some frequent polling of the API? I wonder if my work has some policy on network traffic and thinks this is a threat.

from cli.

nmanoogian avatar nmanoogian commented on August 15, 2024

It does indeed -- the CLI makes that /v3/auth/cli/authorize request every 2 seconds to see if the auth code has been registered via the Doppler dashboard. If you retry the doppler login --debug command after not having run it for awhile, do you see fewer failures? I noticed that our analytics POST is also failing in your original logs.

You could also try running that curl every 2 seconds and see if it starts failing. That would be a pretty telling piece of evidence.

from cli.

seagullmouse avatar seagullmouse commented on August 15, 2024

Couple of observations

  • I tried running it every couple of seconds and can't get it to fail.
  • Sometimes the cli returns with a failure within 2 seconds (feels pretty immediate)

from cli.

seagullmouse avatar seagullmouse commented on August 15, 2024

Is there a workaround to get a token onto my machine?

from cli.

nmanoogian avatar nmanoogian commented on August 15, 2024

Interesting. One workaround would be to configure your CLI to use a Doppler personal token for authentication. Click on the "Tokens" link in the left menu and select the "Personal" tab. You can only have one personal token at a time so you'll need to roll your existing personal token if you already have one.

Once you've copied the token secret, you can load it into the CLI with pbpaste | doppler configure set token.

from cli.

seagullmouse avatar seagullmouse commented on August 15, 2024

Thanks.

I've tried with the personal token but still run into issues with the CLI.

E.g.

doppler configs
Unable to fetch configs
Doppler Error: Get "https://api.doppler.com/v3/configs?per_page=100&project=": EOF

doppler secrets -p **** -c local get DOPPLER_CONFIG --plain
Unable to fetch secrets
Doppler Error: Get "https://api.doppler.com/v3/configs/config/secrets?config=local&include_dynamic_secrets=false&project=****&secrets=DOPPLER_CONFIG": EOF

Something is more fundamentally wrong here.

from cli.

nmanoogian avatar nmanoogian commented on August 15, 2024

Darn. And I'm guessing that this works for you?

curl -H "Authorization: Bearer $(doppler configure get token --plain)" 'https://api.doppler.com/v3/configs?project=YOUR_PROJECT_NAME'

from cli.

seagullmouse avatar seagullmouse commented on August 15, 2024

I've finally found a related issue at my company. They have a network filter installed that is buggy.

Thanks for your help on this!

from cli.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.