[ https://jira.fiware.org/browse/HELP-14088?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Fernando Lopez updated HELP-14088:
----------------------------------
Description:
Created question in FIWARE Q/A platform on 04-05-2018 at 14:05
{color: red}Please, ANSWER this question AT{color} https://stackoverflow.com/questions/50175061/error-validating-token-proxy-not-authorized-in-keystone-keystone-authenticatio
+Question:+
Error validating token. Proxy not authorized in keystone. Keystone authentication
+Description:+
I was trying to incorporate IDM (Docker) latest, and pep-proxy (git example running with node server).
When I started pep-proxy, everything was working as intended.
I've got the following messages:
INFO: Server - Starting PEP proxy in port 80. IdM authentication...
Server - Success authenticating PEP proxy. Proxy Auth-token: d9badf48-16fa-423d-884c-a3e155578791
Now a problem happens. When I enter the wrong token I get this error.
ERROR: IDM-Client - Error validating token.
Proxy not authorized in keystone. Keystone authentication ...
ERROR: Server - Caught exception:
SyntaxError: Unexpected token u in JSON at position 0
As far as I understand I am expecting some return like invalid token, etc.. instead I get this error in pep-proxy and my curl command show->(52) Empty reply from server.
My config.json of pep-proxy:
var config = {};
// Used only if https is disabled
config.pep_port = 80;
// Set this var to undefined if you don't want the server to listen on HTTPS
config.https = {
enabled: false,
cert_file: 'cert/cert.crt',
key_file: 'cert/key.key',
port: 443
};
config.idm = {
host: 'localhost',
port: 3000,
ssl: false
}
config.app = {
host: 'www.google.es',
port: '80',
ssl: false // Use true if the app server listens in https
}
// Credentials obtained when registering PEP Proxy in app_id in Account Portal
config.pep = {
app_id: 'xxxxxx',
username: 'xxxxxx',
password: 'xxxxxx',
trusted_apps : []
}
// in seconds
config.cache_time = 300;
// if enabled PEP checks permissions with AuthZForce GE.
// only compatible with oauth2 tokens engine
//
// you can use custom policy checks by including programatic scripts
// in policies folder. An script template is included there
config.azf = {
enabled: true,
protocol: 'http',
host: 'localhost',
port: 8080,
custom_policy: undefined // use undefined to default policy checks (HTTP verb + path).
};
// list of paths that will not check authentication/authorization
// example: ['/public/*', '/static/css/']
config.public_paths = [];
config.magic_key = 'undefined';
module.exports = config;
IDM logs:
fiware-idm_1 | GET
/user?access_token=7cb25729577c2e01dc337314dcd912ec981dc49b 401 4.445 ms - 116
fiware-idm_1 | Executing (default): SELECT email, 'user' as Source FROM
user WHERE email='pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c'
fiware-idm_1 | UNION ALL
fiware-idm_1 | SELECT id, 'pep_proxy' as Source FROM
pep_proxy WHERE id='pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c';
fiware-idm_1 | Executing (default): SELECT `id`, `password`,
`oauth_client_id` FROM `pep_proxy` AS `PepProxy` WHERE `PepProxy`.`id` =
'pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c';
fiware-idm_1 | Executing (default): INSERT INTO `auth_token`
(`access_token`,`expires`,`valid`,`pep_proxy_id`) VALUES ('a0d54a6f-
8461-4000-bb80-5fb60193bcb4','2018-05-04
11:45:21',true,'pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c');
fiware-idm_1 | POST /v3/auth/tokens 201 13.733 ms - 74
was:
Created question in FIWARE Q/A platform on 04-05-2018 at 14:05
{color: red}Please, ANSWER this question AT{color} https://stackoverflow.com/questions/50175061/error-validating-token-proxy-not-authorized-in-keystone-keystone-authenticatio
+Question:+
Error validating token. Proxy not authorized in keystone. Keystone authentication
+Description:+
I was trying to incorporate IDM (Docker) latest, and pep-proxy (git example running with node server).
When I started pep-proxy, everything was working as intended.
I've got the following messages:
INFO: Server - Starting PEP proxy in port 80. IdM authentication...
Server - Success authenticating PEP proxy. Proxy Auth-token: d9badf48-16fa-423d-884c-a3e155578791
Now a problem happens. When I enter the wrong token I get this error.
ERROR: IDM-Client - Error validating token.
Proxy not authorized in keystone. Keystone authentication ...
ERROR: Server - Caught exception:
SyntaxError: Unexpected token u in JSON at position 0
As far as I understand I am expecting some return like invalid token, etc.. instead I get this error in pep-proxy and my curl command show->(52) Empty reply from server.
My config.json of pep-proxy:
var config = {};
// Used only if https is disabled
config.pep_port = 80;
// Set this var to undefined if you don't want the server to listen on HTTPS
config.https = {
enabled: false,
cert_file: 'cert/cert.crt',
key_file: 'cert/key.key',
port: 443
};
config.idm = {
host: 'localhost',
port: 3000,
ssl: false
}
config.app = {
host: 'www.google.es',
port: '80',
ssl: false // Use true if the app server listens in https
}
// Credentials obtained when registering PEP Proxy in app_id in Account Portal
config.pep = {
app_id: 'xxxxxx',
username: 'xxxxxx',
password: 'xxxxxx',
trusted_apps : []
}
// in seconds
config.cache_time = 300;
// if enabled PEP checks permissions with AuthZForce GE.
// only compatible with oauth2 tokens engine
//
// you can use custom policy checks by including programatic scripts
// in policies folder. An script template is included there
config.azf = {
enabled: true,
protocol: 'http',
host: 'localhost',
port: 8080,
custom_policy: undefined // use undefined to default policy checks (HTTP verb + path).
};
// list of paths that will not check authentication/authorization
// example: ['/public/*', '/static/css/']
config.public_paths = [];
config.magic_key = 'undefined';
module.exports = config;
IDM logs:
fiware-idm_1 | GET
/user?access_token=7cb25729577c2e01dc337314dcd912ec981dc49b 401 4.445 ms - 116
fiware-idm_1 | Executing (default): SELECT email, 'user' as Source FROM
user WHERE email='pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c'
fiware-idm_1 | UNION ALL
fiware-idm_1 | SELECT id, 'pep_proxy' as Source FROM
pep_proxy WHERE id='pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c';
fiware-idm_1 | Executing (default): SELECT `id`, `password`,
`oauth_client_id` FROM `pep_proxy` AS `PepProxy` WHERE `PepProxy`.`id` =
'pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c';
fiware-idm_1 | Executing (default): INSERT INTO `auth_token`
(`access_token`,`expires`,`valid`,`pep_proxy_id`) VALUES ('a0d54a6f-
8461-4000-bb80-5fb60193bcb4','2018-05-04
11:45:21',true,'pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c');
fiware-idm_1 | POST /v3/auth/tokens 201 13.733 ms - 74
HD-Enabler: KeyRock
> [fiware-stackoverflow] Error validating token. Proxy not authorized in keystone. Keystone authentication
> --------------------------------------------------------------------------------------------------------
>
> Key: HELP-14088
> URL: https://jira.fiware.org/browse/HELP-14088
> Project: Help-Desk
> Issue Type: Monitor
> Components: FIWARE-TECH-HELP
> Reporter: Backlog Manager
> Assignee: Alvaro Alonso
> Labels: fiware, fiware-wilma
>
> Created question in FIWARE Q/A platform on 04-05-2018 at 14:05
> {color: red}Please, ANSWER this question AT{color} https://stackoverflow.com/questions/50175061/error-validating-token-proxy-not-authorized-in-keystone-keystone-authenticatio
> +Question:+
> Error validating token. Proxy not authorized in keystone. Keystone authentication
> +Description:+
> I was trying to incorporate IDM (Docker) latest, and pep-proxy (git example running with node server).
> When I started pep-proxy, everything was working as intended.
> I've got the following messages:
> INFO: Server - Starting PEP proxy in port 80. IdM authentication...
> Server - Success authenticating PEP proxy. Proxy Auth-token: d9badf48-16fa-423d-884c-a3e155578791
> Now a problem happens. When I enter the wrong token I get this error.
> ERROR: IDM-Client - Error validating token.
> Proxy not authorized in keystone. Keystone authentication ...
> ERROR: Server - Caught exception:
> SyntaxError: Unexpected token u in JSON at position 0
> As far as I understand I am expecting some return like invalid token, etc.. instead I get this error in pep-proxy and my curl command show->(52) Empty reply from server.
> My config.json of pep-proxy:
> var config = {};
> // Used only if https is disabled
> config.pep_port = 80;
> // Set this var to undefined if you don't want the server to listen on HTTPS
> config.https = {
> enabled: false,
> cert_file: 'cert/cert.crt',
> key_file: 'cert/key.key',
> port: 443
> };
> config.idm = {
> host: 'localhost',
> port: 3000,
> ssl: false
> }
> config.app = {
> host: 'www.google.es',
> port: '80',
> ssl: false // Use true if the app server listens in https
> }
> // Credentials obtained when registering PEP Proxy in app_id in Account Portal
> config.pep = {
> app_id: 'xxxxxx',
> username: 'xxxxxx',
> password: 'xxxxxx',
> trusted_apps : []
> }
> // in seconds
> config.cache_time = 300;
> // if enabled PEP checks permissions with AuthZForce GE.
> // only compatible with oauth2 tokens engine
> //
> // you can use custom policy checks by including programatic scripts
> // in policies folder. An script template is included there
> config.azf = {
> enabled: true,
> protocol: 'http',
> host: 'localhost',
> port: 8080,
> custom_policy: undefined // use undefined to default policy checks (HTTP verb + path).
> };
> // list of paths that will not check authentication/authorization
> // example: ['/public/*', '/static/css/']
> config.public_paths = [];
> config.magic_key = 'undefined';
> module.exports = config;
> IDM logs:
> fiware-idm_1 | GET
> /user?access_token=7cb25729577c2e01dc337314dcd912ec981dc49b 401 4.445 ms - 116
> fiware-idm_1 | Executing (default): SELECT email, 'user' as Source FROM
> user WHERE email='pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c'
> fiware-idm_1 | UNION ALL
> fiware-idm_1 | SELECT id, 'pep_proxy' as Source FROM
> pep_proxy WHERE id='pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c';
> fiware-idm_1 | Executing (default): SELECT `id`, `password`,
> `oauth_client_id` FROM `pep_proxy` AS `PepProxy` WHERE `PepProxy`.`id` =
> 'pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c';
> fiware-idm_1 | Executing (default): INSERT INTO `auth_token`
> (`access_token`,`expires`,`valid`,`pep_proxy_id`) VALUES ('a0d54a6f-
> 8461-4000-bb80-5fb60193bcb4','2018-05-04
> 11:45:21',true,'pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c');
> fiware-idm_1 | POST /v3/auth/tokens 201 13.733 ms - 74
--
This message was sent by Atlassian JIRA
(v6.4.1#64016)
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy