-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] CrowdsecLapiScheme: must be one of 'hcaptcha', 'recaptcha' or 'turnstile' ? #174
Comments
Hello, Thank you for the report, I looked at the validation code and indead the error message you got was confusing: if !contains([]string{HTTP, HTTPS}, config.CrowdsecLapiScheme) {
return errors.New("CrowdsecLapiScheme: must be one of 'http' or 'https'")
}
if !contains([]string{"", HcaptchaProvider, RecaptchaProvider, TurnstileProvider}, config.CaptchaProvider) {
return errors.New("CrowdsecLapiScheme: must be one of 'hcaptcha', 'recaptcha' or 'turnstile'")
} I will replace with In your configuration, you have misspelled To be transparent we haven't tested a lot the turnstile provider, and we would be thankfull if you could give us some feedback on it. |
Oh right, my mistake, I though the errors came from CrowdsecLapiScheme because of what's the logs were giving, thanks for pointing out; However when I tried with turnstile : first I had to edit the classname of the captcha container from cf-captcha to cf-turnstile, then it rendered the captcha and validated it but traefik didn't receive the token / didn't notify crowdsec that the captcha was valid and thus it keep refreshing the page with the captcha and never remove the crowdsec decision |
Thanks for the feedback, we'll look into it @maxlerebourg |
Hey @Pierre-ZACHARY, Thanks to use our plugin 👍 |
We will keep testing in the upcoming days and release a new version afterwards. |
Without looking at any of the issues, I did the same thing and reached the same outcome with turnstile: captcha passes, a post request is made, but the bouncer doesn't get the response. The logs in DEBUG mode state the following every time the captcha page is reloaded and the captcha passes:
EDIT: I hope this helps debugging. Thank you for developing this plugin @mathieuHa @maxlerebourg! |
Hey @Ivomola, I've released v1.3.3-beta1 in the meantime to help test with non-dev instances. |
Just deployed and tested it, I can confirm it works now and the loop is gone. Thank you!! |
We've released v1.3.3 as latest release with this patch. |
Describe the bug 🐛
Traefik is logging an error saying "CrowdsecLapiScheme: must be one of 'hcaptcha', 'recaptcha' or 'turnstile'"
2024-06-09T02:07:06Z ERR error="CrowdsecLapiScheme: must be one of 'hcaptcha', 'recaptcha' or 'turnstile'" entryPointName=web routerName=whoamiapp-whoami-ingress-whoami-pierre-zachary-fr@kubernetes
I've followed the examples/kubernetes setup
Expected behavior 👀
CrowdsecLapiScheme should be http or https
I've tested with recaptcha and the behaviour is the one expected; seems to only happen with cloudflare
Context 🔎
Middleware values :
spec:
plugin:
bouncer:
CrowdsecLapiKey: 40796d93c2958f9e58345514e67740e5
Enabled: "true"
logLevel: DEBUG
crowdsecMode: live
crowdsecLapiHost: crowdsec-service.crowdsec.svc.cluster.local:8080
crowdsecLapiScheme: http
captchaHTMLFilePath: /html/captcha.html
banHtmlFilePath: /html/ban.html
captchaProvider: turnsite
captchaGracePeriodSeconds: 1800
captchaSiteKey: ...
captchaSecretKey: ...
Version (please complete the following information):
Traefik 3.0.1
Crowdsec v1.6.1-2
crowdsec-bouncer-traefik-plugin1.3.1
To Reproduce
Deploy whoami with above configurations and labels :
traefik.ingress.kubernetes.io/router.middlewares: kube-system-bouncer@kubernetescrd
traefik.ingress.kubernetes.io/router.entrypoints: web
The text was updated successfully, but these errors were encountered: