[Backlogmanager] [FIWARE-JIRA] (HELP-20051) [fiware-stackoverflow] Unable to use JWT token generated from Fiware Keyrock

Alvaro Alonso (JIRA) jira-help-desk at jira.fiware.org
Mon Oct 23 09:50:00 CEST 2023

Previous message: [Backlogmanager] [FIWARE-JIRA] (HELP-22532) [fiware-stackoverflow] Orion-ld Subscribe to all entities
Next message: [Backlogmanager] [FIWARE-JIRA] (HELP-20042) [fiware-stackoverflow] Control the OAuth2.0 access code lifetime for keyrock (FIWARE generic enabler) using docker-compose
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

     [ https://jira.fiware.org/browse/HELP-20051?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Alvaro Alonso closed HELP-20051.
--------------------------------
    Resolution: Dismissed

> [fiware-stackoverflow] Unable to use JWT token generated from Fiware Keyrock
> ----------------------------------------------------------------------------
>
>                 Key: HELP-20051
>                 URL: https://jira.fiware.org/browse/HELP-20051
>             Project: Help-Desk
>          Issue Type: Monitor
>          Components: FIWARE-TECH-HELP
>            Reporter: Backlog Manager
>            Assignee: Alvaro Alonso
>              Labels: authzforce, fiware, fiware-keyrock, fiware-wilma
>
> Created question in FIWARE Q/A platform on 09-09-2022 at 16:09
> {color: red}Please, ANSWER this question AT{color} https://stackoverflow.com/questions/73665080/unable-to-use-jwt-token-generated-from-fiware-keyrock
> +Question:+
> Unable to use JWT token generated from Fiware Keyrock
> +Description:+
> For the Fiware security layer Keyrock version 8.0.0, Wilma version 8.0.0 and  Authzforce version release-10.0.0  are configured.
> Keyrock generates a Bearer token that works properly for Orion authorization. But, the problem comes if I use a JWT token instead. I generate a JWT token  by adding the scope option in the request:
> POST /oauth2/token HTTP/1.1 Host: localhost:3005 Authorization: Basic MTlmMjdiZGMtMTM1My00MTY5LTkxN2ItZTI1NTVjNDYwYzUyOjU4YWIxZTFjLTBkYjktNDBmZi1hMmUyLTJjZTYyNjNlNjI1Yg== Content-Type: application/x-www-form-urlencoded grant_type=password&usernameusername1&password=password1&scope=jwt
> When I try to access Orion through Wilma using the below request, Wilma reports the error "AZF domain not created for application 19f27bdc-1353-4169-917b-e2555c460c52":
> GET /version HTTP/1.1 Host: localhost:1022 Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdhbm......uPPQk6TdAT-b-8nDEU_l8JdIkJeSIDzTQvfOHX1PYeU.
> Moreover, in Keyrock GUI for the application all Grant Types are selected. And, for Token types "JWT token" is selected.
> Also in Wilma configuration property for JWT Secret is added (PEP_TOKEN_SECRET=5e39ee34ad881b01).
> I removed a few times az_domain from authzforce table in MySQL database and recreated it by adding new roles/permissions from the Keyrock GUI, but that new domain didn't solve the problem either.
> I hope someone can help me. Thanks in advance.



--
This message was sent by Atlassian JIRA
(v6.4.1#64016)

Previous message: [Backlogmanager] [FIWARE-JIRA] (HELP-22532) [fiware-stackoverflow] Orion-ld Subscribe to all entities
Next message: [Backlogmanager] [FIWARE-JIRA] (HELP-20042) [fiware-stackoverflow] Control the OAuth2.0 access code lifetime for keyrock (FIWARE generic enabler) using docker-compose
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Backlogmanager mailing list

You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy