[ https://jira.fiware.org/browse/HELP-8849?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
José Ignacio Carretero Guarde updated HELP-8849:
------------------------------------------------
Labels: authentication fiware fiware-keyrock multiple-users oauth (was: authentication fiware multiple-users oauth)
> [fiware-stackoverflow] Unable to authenticate users for an app in Fiware Lab KeyRock instance
> ---------------------------------------------------------------------------------------------
>
> Key: HELP-8849
> URL: https://jira.fiware.org/browse/HELP-8849
> Project: Help-Desk
> Issue Type: Monitor
> Components: FIWARE-TECH-HELP
> Reporter: Backlog Manager
> Assignee: Backlog Manager
> Labels: authentication, fiware, fiware-keyrock, multiple-users, oauth
>
> Created question in FIWARE Q/A platform on 03-01-2016 at 21:01
> {color: red}Please, ANSWER this question AT{color} https://stackoverflow.com/questions/34581476/unable-to-authenticate-users-for-an-app-in-fiware-lab-keyrock-instance
> +Question:+
> Unable to authenticate users for an app in Fiware Lab KeyRock instance
> +Description:+
> I have registered two users in Keyrock (the global fiware labs instance at https://account.lab.fiware.org)
> User Robin has an organisation Robin-Cloud
> User Robin is owner of an application Babbler
> The application Babbler has authorized users "Robin" and "Robin viewer" (see screenshot)
> User "Robin viewer" is a member of the same organisation as user "Robin"
> Just to be sure i authorized the whole organisation that "Robin viewer" belongs to.
> Both users have the same roles.
> I can authenticate user "Robin" using a shell script to get an Access token. In the shell script i pass in the Applications Client ID and Client secret. I also pass in the username and password of User "Robin". The shell script is here (altered copy of this https://raw.githubusercontent.com/Bitergia/fiware-chanchan-docker/master/images/pep-wilma/4.3.0/auth-token.sh ):
> #!/bin/bash
> if [ $# -lt 2 ] ; then
> echo "auth-token: missing parameters."
> echo "Usage: auth-token <user-email> <password>"
> exit 1
> fi
> # Retrieve X-Auth-Token to make request against the protected resource
> function get_token () {
> if [ $# -lt 2 ] ; then
> echo "get_token: missing parameters."
> echo "Usage: get_token <user-email> <password>"
> exit 1
> fi
> local _user=$1
> local _pass=$2
> # Retrieve Client ID and client Secret Automatically
> CLIENT_ID="e2c095aa42414e75b9ac4d760f4c625a"
> CLIENT_SECRET="****"
> # Generate the Authentication Header for the request
> AUTH_HEADER="$(echo -n ${CLIENT_ID}:${CLIENT_SECRET} | base64)"
> # Define headers
> CONTENT_TYPE="\"Content-Type: application/x-www-form-urlencoded\""
> AUTH_BASIC="\"Authorization: Basic ${AUTH_HEADER}\""
> # Define data to send
> DATA="'grant_type=password&username=${_user}&password=${_pass}&client_id=${CLIENT_ID}&client_secret=${CLIENT_SECRET}'"
> # Create the request
> REQUEST="curl -s --insecure -i --header ${AUTH_BASIC} --header ${CONTENT_TYPE} -X POST https://account.lab.fiware.org/oauth2/token -d ${DATA}"
> XAUTH_TOKEN="$(eval ${REQUEST})"
> echo "Request: ${REQUEST}"
> echo "X-Auth-Token for '${_user}': ${XAUTH_TOKEN}"
> }
> get_token $1 $2
> However
> I cannot get an access token for User "Robin viewer". The message i get from Keyrock is:
> {"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}}
> I assumed authorizing user "Robin viewer" for the Babbler app in the Keyrock user interface would be enough. What am i missing here?
--
This message was sent by Atlassian JIRA
(v6.4.1#64016)
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy