Configure Microsoft Socialite Default Role

Jeff_Deng · 4 December 2023 01:42

Hi there,

I have configured Oauth with Microsoft. It is working fine. But how do I setup a default user role for Socialite login? It is on none role when you first login to Libresnm.

I have setup a new key default_role global-read which is not working.

I also run the command lnms config:set auth.socialite.default_role global-read in a new + provider, now it is showing the command as a new provider, how do i remove lnms config:set auth.socialite.default_role global-read? It is showing another green hyper link on the login page now. Please help…

Thanks in advance.

Regards

Jeff Deng

pjchilds · 4 December 2023 05:12

This code is fairly recently merged, what version of LibreNMS are you using?

( You would need at least 23.11.0 with this this patch applied - Add support for Okta Group claims to set Roles by peejaychilds · Pull Request #15592 · librenms/librenms · GitHub )

The setting should look something like this …

You could post the output of
lnms config:get auth.socialite
with sensitive things removed which might show what the issue with the ‘extra provider’ is

Jeff_Deng · 4 December 2023 07:29

Thank you for your response. My LibreNMS is on 23.10.0. I will update it to latest and try the patch.

Please find the configs at below. I really need to remove the “lnms config:set auth.socialite.default_role global-read”

librenms@Libre:~$ lnms config:get auth.socialite
{
“redirect”: false,
“register”: true,
“configs”: {
“microsoft”: {
“client_id”: “123456789”,
“client_secret”: “123456789”,
“tenant”: “123456789”,
“listener”: “\SocialiteProviders\Microsoft\MicrosoftExtendSocialite”,
“default_role”: “global-read”
},
“lnms config:set auth.socialite.default_role global-read”:
}
}

pjchilds · 4 December 2023 08:10

I can’t figure out how you managed to get that in there like that

You may need to remove it at the database level

Something like (ensure you get the correct row and config_id that matches your configuration)

mysql librenms -u librenms -p
MariaDB [librenms]> select * from config where config_name like 'lnms '
    -> ;
Empty set (0.000 sec)

MariaDB [librenms]> select * from config where config_name like '%lnms%';
+-----------+------------------------------------------------------------------------+--------------+
| config_id | config_name                                                            | config_value |
+-----------+------------------------------------------------------------------------+--------------+
|        15 | auth.socialite.lnms config:set auth.socialite.default_role global-read | null         |
+-----------+------------------------------------------------------------------------+--------------+
1 row in set (0.000 sec)

MariaDB [librenms]> delete from config where config_id = 15;
Query OK, 1 row affected (0.002 sec)

Jeff_Deng · 4 December 2023 09:22

Thank you, I run >select * from config \G

*************************** 31. row ***************************
config_id: 34
config_name: auth.socialite.configs
config_value: {“microsoft”:{“client_id”:“123456789”,“client_secret”:“123456789”,“tenant”:“123456789”,“listener”:“\SocialiteProviders\Microsoft\MicrosoftExtendSocialite”,“default_role”:“global-read”},“lnms config:set auth.socialite.default_role global-read”:[]}

I am going to update the config_value, can you plz confirm the query with me? Do I need a quotation mark likes config_value = “values” or none quotation mark, like this at below?

UPDATE config SET config_value = {“microsoft”:{“client_id”:“123456789”,“client_secret”:“123456789”,“tenant”:“123456789”,“listener”:“\SocialiteProviders\Microsoft\MicrosoftExtendSocialite”}} WHERE config_name = '‘auth.socialite.configs’;

pjchilds · 4 December 2023 23:35

If it was me I would do a

delete from config where config_id = 34

then re-enter your settings as per the notes/instructions used when setting it up

But yes you can do the update you would need single quotes around the value ie

UPDATE config SET config_value = '{“microsoft”:{“client_id”:“123456789”,“client_secret”:“123456789”,“tenant”:“123456789”,“listener”:“\SocialiteProviders\Microsoft\MicrosoftExtendSocialite”}}' WHERE config_name = 'auth.socialite.configs';

pjchilds · 4 December 2023 23:41

or just reset and enter again using

 lnms config:set auth.socialite.configs

 Reset auth.socialite.configs to the default? (yes/no) [no]:
 > yes

Jeff_Deng · 5 December 2023 09:23

Thank you pjchilds. I can’t fix this without your help.

Firstly, I have tried updating the value, it caused the login page down. I have to delete the config_id and reset the MS Socialite settings again.

system · 4 March 2024 09:24

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.