New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Server returns 502 "authentik starting..." #2247
Comments
Ik have the same problem with 2022.1.4. Previous version is working fine |
I have the same issue, just clicking around the admin interface will trigger this, as well as trying to authenticate, which only works sometimes. |
This also affects requests done by external clients that use Authentik as an IdentityProvider for OpenID Connect. This means the version is not usable for production environments. We did a rollback to 2022.1.3 and in that version the issue is not present. |
I've not been able to reproduce this issue and it also hasn't occurred for me. What's everyone's setup like? Reverse proxy or direct access to authentik? Docker-compose or kubernetes? |
Traefik 2.5.7 with docker compose. 2022.1.3 is running fine. |
@Akruidenberg can you post the related traefik logs? I can reproduce the error if I send it an invalid method on purpose, but not with normal usage so I'm curious to see what traefik is sending it. |
Using Docker here + NGINX reverse proxy. Even before I added NGINX, I got that error. |
Same here, docker (on unraid) + nginx, seeing the error with and without nginx |
There is a similar issue here encode/uvicorn#1296 but that shouldn't have changed anything between 22.1.3 and 22.1.4 |
What exactly are the differences between .3 and .4? Strange thing is, the previous version don't have the issue. |
version/2022.1.3...version/2022.1.4, the only change that could've done something is the uvicorn upgrade, but I can't test rolling it back since I can't reproduce the error |
Could some of you test the latest gh-next build, and set the log level to trace? That will log the URL and headers for those failed requests which should help debug the issue. |
Just tried gh-next but cant reproduce the error because this version is stopping me from taking any administrative action, always returning Even just trying to edit a user, trace log shows
|
CSRF issues can happen when an old webui is cached somewhere, can you try clearing that? The webui should send an |
Ive cleared all caches, used a fresh browser profile and even restarted nginx, but the error is still there |
Oops I misread the error, yeah that was actually caused by a mistake on my side, will be fixed in the next gh-next build @0xcd0e build is up now |
Ok the csrf error seems to be gone, and so is the 502 error... I cant reproduce it on gh-next, but it happens again as soon as i switch back to 22.1.4 |
on 22.1.4, when the error happens, could you look in the browser's developer console, and post a screenshot of a failing request here? I'm still curious what requests break it since I can't reproduce it locally, even when running the same commit as 22.1.4 |
For example, a simple request to change a users Name:
Returns 502 "authentik starting...", waiting for a moment and hitting the Update button again returns 200 and the user gets updated.
|
I think this is a uvicorn 0.17.1 issue, on their releases page on version 0.17.2 (https://github.com/encode/uvicorn/releases/tag/0.17.2), they rolled back some changes because of a problem with httptools encode/uvicorn#1345 The error im seeing is exactly that So updating uvicorn to 0.17.2 or later should fix the issue |
Cheers for the digging, that would explain it not being in the latest build since c1c8e4c was merged. Let me quickly build an image with that commit cherrypicked to tests and then I can ship 22.1.5 |
@0xcd0e please try with |
Thanks, I will pull that and use it until a official release is out |
Fixed by cf600f6 |
Describe the bug
While authenticating and generally just moving around the site, requests fail with response 502.
Seems like its mainly POST requests that get redirected so they become GET requests, sometimes the redirect seems to result in the 502.
Dev console in my browser shows "authentik starting..." as the server response, the GUI just shows "Whooops! Something went wrong! Please try again later.".
After retrying again and again, it starts working after some time, requests are answered with a 302 and a GET request is sent by the browser which makes it work.
To Reproduce
The behavior is random!
Steps to reproduce the behavior:
Expected behavior
Being able to navigate the site and authenticate without having to roll a dice.
Logs
Server log:
Version and Deployment (please complete the following information):
The text was updated successfully, but these errors were encountered: