Chronograf - Oauth - Unable to login when using GH orgs


#1

I have setup Chronograf, InfluxDB and Telegraf via the docker engine.

The only issue I have is that when I enable Oauth via either Google or GitHub and restrict to a Domain/Organisation it fails to login.

The docker logs are showing the below error:

time="2017-07-24T09:35:11Z" level=info msg=Request component=server method=GET remote_addr="172.17.0.1:50724" url=/chronograf/v1/me
time="2017-07-24T09:35:11Z" level=error msg="Invalid principal" component=auth method=GET remote_addr="172.17.0.1:50724" url=/chronograf/v1/me
time="2017-07-24T09:35:11Z" level=info msg="Response: Forbidden" code=403 component=server remote_addr="172.17.0.1:50724" response_time="231.289µs"

172.17.0.1 is the default route from the contatiner to the host.


#2

I have same problem and still fighting to figure out what is happening.


#3

Could you please share a redacted version of the CLI flags / ENVs that you use to launch Chronograf? That would help us debug this.


#4

Here is the docker run command i use:
docker run -p 8888:8888 -e “GH_CLIENT_ID=<my-gh-client-id>” -e “GH_CLIENT_SECRET=<my-gh-client-secret>” -e “GH_ORGS=influxdata” -e “PUBLIC_URL=http://localhost:8888” -e “TOKEN_SECRET=<my-token-secret>” chronograf:1.3.8.1-alpine