
400 response for any request with auth cookies present / No debug mode #175

Open
erzz opened this issue Dec 5, 2024 · 0 comments
Labels
bug Something isn't working

erzz commented Dec 5, 2024

Expected

I am trying to deploy lite on GCP Cloud Run behind oauth2-proxy as an SSO sidecar container and this is what I observe:

  1. User hits the oauth2-proxy and authenticates themselves. When a user is authenticated - a split auth cookie is added before the request is forwarded to the structurizr container.

     [image]

  2. Whenever this cookie is present in the browser - structurizr fails to load and returns 400

     [image]

  3. If I attempt to reach any instance of structurizr (the deployed target above, localhost docker, localhost war file, other environments etc) with this cookie present in my browser it fails with the 400

  4. Until the cookie is deleted from the browser or I use a new private tab - I am guaranteed to get the 400

I suspected that it was to do with cookie size (it's an 8k cookie from Azure AD :( ) but I managed to strip scopes etc until it was down to the size above - though it still doesn't fit into a single cookie.

The biggest pain point in debugging this is that it doesn't seem to be possible to enable debug logging with the lite version - so there is nothing in logs at all. All I have to go on is the 400 response in developer tools of the browser.

So I don't know if it's some cross-origin thing, cookie size limits, the split cookie or perhaps absolutely nothing to do with cookies .... :)

Actual

  • Auth cookies not used by application are ignored (if that is the actual problem)
  • debug logs can be enabled

Steps to reproduce

That's kinda difficult :)

If you happen to use Azure AD as an IDP, then setting up an oauth2-proxy docker container or the binary in front of a local docker instance should get you the cookie and 400 response

Version/build information

structurizr/lite:2024.11.04

Severity

Major

Priority

I have no budget and there's no rush, please fix this for free

More information

Of course stripping the cookies at the proxy before being sent down to the structurizr app would be nice .... but not something that they support. But either way it feels like this is also a bug for this project too.

@erzz erzz added the bug Something isn't working label Dec 5, 2024