Install & Configure Plugin On OpenVPN Access Server (OpenVPN-AS) about openvpn-auth-oauth2 HOT 7 CLOSED

I really can't find any documentation on how to add configuration to this as.conf

Correct. AS was nether tested. And I don't have any experience in AS. Sorry.

management AS_MANAGEMENT_IP AS_MANAGEMENT_PORT /usr/local/openvpn_as/etc/password.txt
management-hold
management-client-auth

Is correct for an OpenVPN server config file, but I have no idea how to configure it on AS.

from openvpn-auth-oauth2.

that can support OpenVPN Access Server.

Since the Access Server already provides SSO capabilities, future support for AS is not planned. Sorry.

from openvpn-auth-oauth2.

The error

Failed to add match 'openvpn-auth-oauth2': Invalid argument

seems more systemd related. Because I find some issues around Failed to add match 'xxx': Invalid argument

Can you run openvpn-auth-oauth2 from a shell, without using systemd?

In general, AS server is untested and I'm not sure if the authentication from openvpn-auth-oauth2 conflicts with AS server one. I also have no idea, if OVPN management interface is availible on AS.

from openvpn-auth-oauth2.

Hi @jkroepke
Thank you so much for your quick response. After running: #/usr/bin/openvpn-auth-oauth2
I got the following error:
error loading config: validation error: http.secret is required
But in configuration file /etc/sysconfig/openvpn-auth-oauth2, I defined variable CONFIG_HTTP_SECRET.
If you haven't already checked on the AS server, could you plan to investigate and develop a plugin for the AS server? I really need this plugin for the AS server.

from openvpn-auth-oauth2.

The connection between /etc/sysconfig/openvpn-auth-oauth2 and /usr/bin/openvpn-auth-oauth2 is done by systemd. The file is ignored, if systemd is not used for the start.

For now, you have to pass the config manually with the env command

env CONFIG_HTTP_SECRET=abc CONFIG_XXX=YYY CONFIG_XXX=YYY CONFIG_XXX=YYY CONFIG_XXX=YYY /usr/bin/openvpn-auth-oauth2

from openvpn-auth-oauth2.

It seems like I have successfully executed it:
/usr/bin/openvpn-auth-oauth2
msg="discover oidc auto configuration with provider generic for issuer https://login.microsoftonline.com/AZURE-TENANT-ID/oauth2/v2.0/authorize"
msg="newProviderWithDiscovery: http status not ok: 404 Not Found "
I will need to double-check the value of CONFIG_OAUTH2_ISSUER.
Furthermore, I don't know how to connect openvpn-auth-oauth2 with openvpn-as server. I added the following lines into configuration file of AS server (/usr/local/openvpn_as/etc/as.conf):
management AS_MANAGEMENT_IP AS_MANAGEMENT_PORT /usr/local/openvpn_as/etc/password.txt
management-hold
management-client-auth
Is this correct? I really can't find any documentation on how to add configuration to this as.conf file from OpenVPN Access Server documentation.

from openvpn-auth-oauth2.

Thank you so much for your help @jkroepke
Hope you will release a new version that can support OpenVPN Access Server.
Wish you have a good day.

from openvpn-auth-oauth2.