[Backlogmanager] [FIWARE-JIRA] (HELP-14088) [fiware-stackoverflow] Error validating token. Proxy not authorized in keystone. Keystone authentication

Veronika Vlnkova (JIRA) jira-help-desk at jira.fiware.org
Fri May 4 16:14:00 CEST 2018

Previous message: [Backlogmanager] [FIWARE-JIRA] (HELP-14046) [fiware-stackoverflow] How to store hierarchical data through Cygnus with MongoDB
Next message: [Backlogmanager] [FIWARE-JIRA] (HELP-14088) [fiware-stackoverflow] Error validating token. Proxy not authorized in keystone. Keystone authentication
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

     [ https://jira.fiware.org/browse/HELP-14088?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Veronika Vlnkova reassigned HELP-14088:
---------------------------------------

    Assignee: Alvaro Alonso

> [fiware-stackoverflow] Error validating token. Proxy not authorized in keystone. Keystone authentication
> --------------------------------------------------------------------------------------------------------
>
>                 Key: HELP-14088
>                 URL: https://jira.fiware.org/browse/HELP-14088
>             Project: Help-Desk
>          Issue Type: Monitor
>          Components: FIWARE-TECH-HELP
>            Reporter: Backlog Manager
>            Assignee: Alvaro Alonso
>              Labels: fiware, fiware-wilma
>
> Created question in FIWARE Q/A platform on 04-05-2018 at 14:05
> {color: red}Please, ANSWER this question AT{color} https://stackoverflow.com/questions/50175061/error-validating-token-proxy-not-authorized-in-keystone-keystone-authenticatio
> +Question:+
> Error validating token. Proxy not authorized in keystone. Keystone authentication
> +Description:+
> I was trying to incorporate IDM (Docker) latest, and pep-proxy (git example running with node server).
> When I started pep-proxy, everything was working as intended. 
> I've got the following messages:
> INFO: Server - Starting PEP proxy in port 80. IdM authentication...
> Server - Success authenticating PEP proxy. Proxy Auth-token:  d9badf48-16fa-423d-884c-a3e155578791
> Now a problem happens. When I enter the wrong token I get this error.
> ERROR: IDM-Client - Error validating token. 
> Proxy not authorized in keystone. Keystone authentication ... 
> ERROR: Server - Caught exception: 
> SyntaxError: Unexpected token u in JSON at position 0
> As far as I understand I am expecting some return like invalid token, etc.. instead I get this error in pep-proxy and my curl command show->(52) Empty reply from server.
> My config.json of pep-proxy:
> var config = {};
> // Used only if https is disabled
> config.pep_port = 80;
> // Set this var to undefined if you don't want the server to listen on  HTTPS
> config.https = {
>   enabled: false,
>   cert_file: 'cert/cert.crt',
>   key_file: 'cert/key.key',
>   port: 443
> };
> config.idm = {
>   host: 'localhost',
>   port: 3000,
>   ssl: false
> }
> config.app = {
>   host: 'www.google.es',
>   port: '80',
>   ssl: false // Use true if the app server listens in https
> }
> // Credentials obtained when registering PEP Proxy in app_id in Account Portal     
> config.pep = {
>   app_id: 'xxxxxx',
>   username: 'xxxxxx',
>   password: 'xxxxxx',
>   trusted_apps : []
> }
> // in seconds
> config.cache_time = 300;
> // if enabled PEP checks permissions with AuthZForce GE. 
> // only compatible with oauth2 tokens engine
> //
> // you can use custom policy checks by including programatic scripts 
> // in policies folder. An script template is included there
> config.azf = {
>   enabled: true,
>   protocol: 'http',
>   host: 'localhost',
>   port: 8080,
>   custom_policy: undefined // use undefined to default policy checks (HTTP verb + path).
>  };
>  // list of paths that will not check authentication/authorization
>  // example: ['/public/*', '/static/css/']
>  config.public_paths = [];
>  config.magic_key = 'undefined';
>  module.exports = config;
> IDM logs:
> fiware-idm_1  | GET                                                
> /user?access_token=7cb25729577c2e01dc337314dcd912ec981dc49b 401 4.445 ms -  116
> fiware-idm_1  | Executing (default): SELECT email, 'user' as Source FROM  
> user WHERE email='pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c'
> fiware-idm_1  |                  UNION ALL
> fiware-idm_1  |                  SELECT id, 'pep_proxy' as Source FROM    
> pep_proxy WHERE id='pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c';
> fiware-idm_1  | Executing (default): SELECT `id`, `password`,    
> `oauth_client_id` FROM `pep_proxy` AS `PepProxy` WHERE `PepProxy`.`id` = 
> 'pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c';
> fiware-idm_1  | Executing (default): INSERT INTO `auth_token` 
> (`access_token`,`expires`,`valid`,`pep_proxy_id`) VALUES ('a0d54a6f- 
> 8461-4000-bb80-5fb60193bcb4','2018-05-04 
> 11:45:21',true,'pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c');
> fiware-idm_1  | POST /v3/auth/tokens 201 13.733 ms - 74



--
This message was sent by Atlassian JIRA
(v6.4.1#64016)

Previous message: [Backlogmanager] [FIWARE-JIRA] (HELP-14046) [fiware-stackoverflow] How to store hierarchical data through Cygnus with MongoDB
Next message: [Backlogmanager] [FIWARE-JIRA] (HELP-14088) [fiware-stackoverflow] Error validating token. Proxy not authorized in keystone. Keystone authentication
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Backlogmanager mailing list

You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy